From 5d248b69cad8ce92165fab2aeec29744d05220a2 Mon Sep 17 00:00:00 2001
From: CanaryCr <canarycr@proton.me>
Date: Sat, 27 Jul 2024 19:12:37 +0530
Subject: [PATCH 1/4] Upgraded spring-boot version > 3.1.11 to resolve
 vulnerabilities

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 0b31b04dd..512c4068e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -45,7 +45,7 @@
         <protobuf-java.version>3.23.3</protobuf-java.version>
         <scala-lang.library.version>2.13.9</scala-lang.library.version>
         <snakeyaml.version>2.2</snakeyaml.version>
-        <spring-boot.version>3.1.9</spring-boot.version>
+        <spring-boot.version>3.1.11</spring-boot.version>
         <serde-api.version>1.0.0</serde-api.version>
         <odd-oddrn-generator.version>0.1.17</odd-oddrn-generator.version>
         <odd-oddrn-client.version>0.1.39</odd-oddrn-client.version>

From ed36a4cfbad80c0d047e614961e352e54e5226b8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 27 Jul 2024 13:44:46 +0000
Subject: [PATCH 2/4] fix: api/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMNIMBUSDS-6247633
- https://snyk.io/vuln/SNYK-JAVA-CHQOSLOGBACK-6097493
---
 api/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/pom.xml b/api/pom.xml
index 70ab59c5c..77d26af3d 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -257,13 +257,13 @@
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
-            <version>1.4.12</version>
+            <version>1.4.14</version>
         </dependency>
         <!--        CVE fixes -->
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-core</artifactId>
-            <version>1.4.12</version>
+            <version>1.4.14</version>
         </dependency>
         <!--        CVE fixes -->
         <dependency>

From fb71c665a23de7e52cce90f3f35b71d6fff86725 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 27 Jul 2024 13:47:25 +0000
Subject: [PATCH 3/4] fix: e2e-tests/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGXERIALSNAPPY-5710960
- https://snyk.io/vuln/SNYK-JAVA-ORGXERIALSNAPPY-5918282
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEZOOKEEPER-5961102
- https://snyk.io/vuln/SNYK-JAVA-ORGXERIALSNAPPY-5710959
- https://snyk.io/vuln/SNYK-JAVA-ORGXERIALSNAPPY-5710961
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEZOOKEEPER-6447882
---
 e2e-tests/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/e2e-tests/pom.xml b/e2e-tests/pom.xml
index c46bb78eb..80a5663a7 100644
--- a/e2e-tests/pom.xml
+++ b/e2e-tests/pom.xml
@@ -12,7 +12,7 @@
     <artifactId>e2e-tests</artifactId>
 
     <properties>
-        <kafka.version>3.3.1</kafka.version>
+        <kafka.version>3.6.1</kafka.version>
         <contract>${project.version}</contract>
         <maven.compiler.release>17</maven.compiler.release>
         <maven.surefire.release>3.2.3</maven.surefire.release>

From 21a4444ff2f3fd89a10e1e95831f29d262b3513b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 27 Jul 2024 14:09:37 +0000
Subject: [PATCH 4/4] fix: e2e-tests/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGBITBUCKETBC-6139942
---
 e2e-tests/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/e2e-tests/pom.xml b/e2e-tests/pom.xml
index 80a5663a7..6f8654e2a 100644
--- a/e2e-tests/pom.xml
+++ b/e2e-tests/pom.xml
@@ -12,7 +12,7 @@
     <artifactId>e2e-tests</artifactId>
 
     <properties>
-        <kafka.version>3.6.1</kafka.version>
+        <kafka.version>3.6.2</kafka.version>
         <contract>${project.version}</contract>
         <maven.compiler.release>17</maven.compiler.release>
         <maven.surefire.release>3.2.3</maven.surefire.release>