From f54e72026f38a6fb665d5e9a3cc51f756ad906e2 Mon Sep 17 00:00:00 2001
From: tesshucom <webmaster@tesshu.com>
Date: Sat, 13 Apr 2019 01:47:00 +0900
Subject: [PATCH] version upgrade of
 spring-boot-dependencies,spring-boot-maven-plugin

 - Safety version for CVE-2019-3795
 - Match the new jetty ecj version because the version of ecj used by
tomcat and jetty is different.
---
 airsonic-main/pom.xml | 2 +-
 pom.xml               | 8 +++++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/airsonic-main/pom.xml b/airsonic-main/pom.xml
index f632c631..4e185b0d 100755
--- a/airsonic-main/pom.xml
+++ b/airsonic-main/pom.xml
@@ -547,7 +547,7 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
-                <version>1.5.8.RELEASE</version>
+                <version>1.5.20.RELEASE</version>
                 <configuration>
                     <mainClass>org.airsonic.player.Application</mainClass>
                     <layout>WAR</layout>
diff --git a/pom.xml b/pom.xml
index f036c1e5..920009c3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -87,7 +87,7 @@
                 <!-- Import dependency management from Spring Boot -->
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>1.5.18.RELEASE</version>
+                <version>1.5.20.RELEASE</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -133,6 +133,12 @@
                 <artifactId>guava</artifactId>
                 <version>27.1-jre</version>
             </dependency>
+            <dependency>
+                <groupId>org.eclipse.jdt</groupId>
+                <artifactId>ecj</artifactId>
+                <version>3.14.0</version>
+                <scope>provided</scope>
+            </dependency>
         </dependencies>
     </dependencyManagement>