From fd6b8539953a938307e338ac3395b67eb3f1b892 Mon Sep 17 00:00:00 2001
From: Valery Kharseko <vharseko@3a-systems.ru>
Date: Wed, 25 Dec 2024 19:26:15 +0000
Subject: [PATCH] CVE-2024-12798 CVE-2024-12801 logback-core Expression Language Injection, Server-Side Request Forgery vulnerability (#455)

---
 opendj-embedded/pom.xml |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/opendj-embedded/pom.xml b/opendj-embedded/pom.xml
index 1c05031..b06d2e3 100644
--- a/opendj-embedded/pom.xml
+++ b/opendj-embedded/pom.xml
@@ -38,7 +38,7 @@
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-core</artifactId>
-            <version>1.2.13</version>
+            <version>1.5.13</version>
             <exclusions>
                 <exclusion>
                     <artifactId>slf4j-api</artifactId>
@@ -49,7 +49,7 @@
         <dependency>
             <groupId>ch.qos.logback</groupId>
             <artifactId>logback-classic</artifactId>
-            <version>1.2.13</version>
+            <version>1.5.13</version>
             <exclusions>
                 <exclusion>
                     <artifactId>slf4j-api</artifactId>

--
Gitblit v1.10.0