From bb6f1fb4d727b121cf77e77d79db2bd2cf0040d4 Mon Sep 17 00:00:00 2001
From: Bertrand Lorentz <bertrand.lorentz@publications.europa.eu>
Date: Mon, 5 Aug 2024 10:09:05 +0200
Subject: [PATCH] pom: Update dependencies on logback 1.5.6 and slf4j 2.0.13

This brings the fix for a vulnerability (CVE-2023-6378).
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index de3f497..f337c07 100644
--- a/pom.xml
+++ b/pom.xml
@@ -64,11 +64,11 @@
     <!-- Versions - Third-party libraries -->
     <version.antlr4>4.13.1</version.antlr4>
     <version.commons-lang3>3.12.0</version.commons-lang3>
-    <version.logback>1.2.11</version.logback>
+    <version.logback>1.5.6</version.logback>
     <version.jackson>2.13.4</version.jackson>
     <version.jackson-databind>2.13.4.2</version.jackson-databind>
     <version.junit-jupiter>5.7.2</version.junit-jupiter>
-    <version.slf4j>1.7.36</version.slf4j>
+    <version.slf4j>2.0.13</version.slf4j>
 
     <!-- Versions - Plugins -->
     <version.build-helper.plugin>3.3.0</version.build-helper.plugin>