From db3ac8017f9128780315350c1eae01f0159ac0a9 Mon Sep 17 00:00:00 2001
From: tommystendahl <tommy.stendahl@ericsson.com>
Date: Mon, 4 Dec 2023 12:46:42 +0100
Subject: [PATCH] Bump logback from 1.2.10 to 1.2.13 (CVE-2023-6378) (#623)

---
 CHANGES.md | 1 +
 pom.xml    | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index c1ac0ab51..2868a6c2b 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -2,6 +2,7 @@
 
 ## Version 5.0.0 (Not yet released)
 
+* Bump logback from 1.2.10 to 1.2.13 (CVE-2023-6378) - Issue #622
 * Progress for on demand repair jobs is either 0% or 100% - Issue #593
 * Make priority granularity configurable - Issue #599
 * Bump springboot from 2.7.12 to 2.7.17 - Issue #604
diff --git a/pom.xml b/pom.xml
index 32a2265c5..82a76c947 100644
--- a/pom.xml
+++ b/pom.xml
@@ -70,7 +70,7 @@
         <com.typesafe.config.version>1.4.2</com.typesafe.config.version>
         <org.hdrhistogram.version>2.1.12</org.hdrhistogram.version>
         <slf4j.version>1.7.30</slf4j.version>
-        <logback.version>1.2.10</logback.version>
+        <logback.version>1.2.13</logback.version>
         <cassandra.version>4.0.10</cassandra.version>
         <osgi.version>1.3.0</osgi.version>
         <mockito.core.version>3.3.3</mockito.core.version>