From b51233bda2992baaab1eaf1fa3e266b5656a49b6 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 13 Oct 2023 07:20:25 +0000
Subject: [PATCH] fix: parent/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEZOOKEEPER-5961102
---
 parent/pom.xml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/parent/pom.xml b/parent/pom.xml
index 1c6bd52540..422752b47a 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -6,7 +6,7 @@
         <groupId>com.bazaarvoice.commons</groupId>
         <artifactId>bv-opensource-super-pom</artifactId>
         <version>1.12</version>
-        <relativePath />
+        <relativePath/>
     </parent>
 
     <groupId>com.bazaarvoice.emodb</groupId>
@@ -28,7 +28,7 @@
         <dropwizard-metrics-datadog.version>1.1.13</dropwizard-metrics-datadog.version>
         <cassandra.version>3.11.12</cassandra.version>
         <cassandra-maven-plugin.version>${cassandra.version}.1</cassandra-maven-plugin.version>
-        <curator.version>2.4.2</curator.version>
+        <curator.version>2.9.0</curator.version>
         <curator-jersey2.version>4.2.0</curator-jersey2.version>
         <curator-extensions.version>1.4.2</curator-extensions.version>
         <dropwizard.version>0.7.1</dropwizard.version>
@@ -47,7 +47,7 @@
         <slf4j.version>1.7.36</slf4j.version>
         <commons-io.version>2.7</commons-io.version>
         <commons-compress.version>1.21</commons-compress.version>
-        <aws-sdk.version>1.11.1034</aws-sdk.version>
+        <aws-sdk.version>1.12.566</aws-sdk.version>
         <javassist.version>3.20.0-GA</javassist.version>
         <jodatime-version>2.9.9</jodatime-version>
         <jersey.version>1.19.4</jersey.version>
@@ -959,9 +959,9 @@
                                     <version>[${java.minimum.version},)</version>
                                     <message>requires ${java.minimum.version}+</message>
                                 </requireJavaVersion>
-                                <dependencyConvergence />
-                                <requireUpperBoundDeps />
-                                <banDuplicatePomDependencyVersions />
+                                <dependencyConvergence/>
+                                <requireUpperBoundDeps/>
+                                <banDuplicatePomDependencyVersions/>
                                 <bannedDependencies>
                                     <excludes>
                                         <!-- This should not exist until DW 0.8.x+ upgrade -->