From f97f6db9457ab08ad28600410ac8a1ce7c45a0da Mon Sep 17 00:00:00 2001
From: Jesper Zedlitz <jesper@zedlitz.de>
Date: Thu, 25 Aug 2022 14:02:56 +0200
Subject: [PATCH] Update to Spring Boot 2.7.3

---
 owasp-suppressions.xml | 7 +++++++
 pom.xml                | 9 ++++++---
 2 files changed, 13 insertions(+), 3 deletions(-)
 create mode 100644 owasp-suppressions.xml

diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
new file mode 100644
index 0000000..eccec31
--- /dev/null
+++ b/owasp-suppressions.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.2.xsd">
+  <suppress>
+    <notes>According to the description of the vulnerability, only Spring up to version 5.3.16 is affected. But we use at least version 5.3.20.</notes>
+    <cve>CVE-2016-1000027</cve>
+  </suppress>
+</suppressions>
diff --git a/pom.xml b/pom.xml
index 83564d1..808e1dc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>2.6.6</version>
+    <version>2.7.3</version>
     <relativePath />
   </parent>
   <groupId>de.landsh.opendata</groupId>
@@ -14,7 +14,7 @@
   <description>DCAT catalog proxy</description>
   <properties>
     <java.version>1.8</java.version>
-    <jena.version>4.4.0</jena.version>
+    <jena.version>4.5.0</jena.version>
   </properties>
   <dependencies>
     <dependency>
@@ -145,8 +145,11 @@
       <plugin>
         <groupId>org.owasp</groupId>
         <artifactId>dependency-check-maven</artifactId>
-        <version>6.5.3</version>
+        <version>7.1.0</version>
         <configuration>
+          <suppressionFiles>
+                 <suppressionFile>owasp-suppressions.xml</suppressionFile>
+          </suppressionFiles>
           <failBuildOnCVSS>8</failBuildOnCVSS>
           <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
           <failOnError>true</failOnError>
-- 
GitLab