Update logback-classic (#2796)

This version of logback fixes the following CVE: "a potential denial of service attack on a centralized logback receiver when a third party controlling a remote appender connects to said receiver and could shut down or slow down logging of events." Eclair isn't affected since we don't use logback receivers, but if there are applications or plugins that depend on eclair and use logback receivers, it's better to use the logback version containing the fix.
2025-02-22 22:25:26 +01:00 · 2023-12-06 15:09:11 +01:00 · 2023-12-06 15:09:11 +01:00 · be4ed3c68b
commit be4ed3c68b
parent d4a498cdd6
3 changed files with 3 additions and 3 deletions
--- a/eclair-core/pom.xml
+++ b/eclair-core/pom.xml
@ -296,7 +296,7 @@
        <dependency>
            <groupId>ch.qos.logback</groupId>
            <artifactId>logback-classic</artifactId>
-            <version>1.2.3</version>
+            <version>1.2.13</version>
            <scope>test</scope>
        </dependency>
        <dependency>
--- a/eclair-front/pom.xml
+++ b/eclair-front/pom.xml
@ -80,7 +80,7 @@
        <dependency>
            <groupId>ch.qos.logback</groupId>
            <artifactId>logback-classic</artifactId>
-            <version>1.2.3</version>
+            <version>1.2.13</version>
        </dependency>
        <dependency>
            <groupId>org.codehaus.janino</groupId>
--- a/eclair-node/pom.xml
+++ b/eclair-node/pom.xml
@ -79,7 +79,7 @@
        <dependency>
            <groupId>ch.qos.logback</groupId>
            <artifactId>logback-classic</artifactId>
-            <version>1.2.3</version>
+            <version>1.2.13</version>
        </dependency>
        <dependency>
            <!--conditional logging -->