From f6d92872aab5e3b02651d266f77e01f7418fc5a1 Mon Sep 17 00:00:00 2001
From: phantomjinx <p.g.richardson@phantomjinx.co.uk>
Date: Wed, 24 Apr 2024 13:11:24 +0100
Subject: [PATCH] fix: Upgrades springboot to 3.2.5 for CVE-2024-22262

* The CVE requires the upgrade of spring products to 6.1.6+. To achieve
  this upgrade both the spring version and the springboot version in the
  pom configuration.

* See CVE described by https://spring.io/security/cve-2024-22262
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index bfbe537665..dae53791e9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -54,8 +54,8 @@
     <!-- Quarkus -->
     <quarkus-version>3.8.2</quarkus-version>
     <!-- Spring -->
-    <spring-version>6.1.5</spring-version>
-    <spring-boot-version>3.2.3</spring-boot-version>
+    <spring-version>6.1.6</spring-version>
+    <spring-boot-version>3.2.5</spring-boot-version>
     <!-- Jetty -->
     <jetty-version>11.0.20</jetty-version>
     <!-- Keycloak -->