From 7b71c2244e53ca06ffde248f326019dd22f8d9d0 Mon Sep 17 00:00:00 2001
From: Jiang Hua <jiang.hua@broadcom.com>
Date: Tue, 14 Apr 2026 14:34:06 -0700
Subject: [PATCH] tomcat-embed-core upgrade for CVE-2026-29145 +
 spring-webmvc/log4j

---
 g11n-ws/build.gradle | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/g11n-ws/build.gradle b/g11n-ws/build.gradle
index e285b8c66..05d2be749 100644
--- a/g11n-ws/build.gradle
+++ b/g11n-ws/build.gradle
@@ -50,8 +50,8 @@ subprojects{
         httpclient='4.5.13'
         jacksonVersion = '2.18.6'
         springdocVersion='2.8.8'
-        tomcatVersion= '10.1.52'
-        springWebMvcVersion= '6.2.11'
+        tomcatVersion= '10.1.54'
+        springWebMvcVersion= '6.2.17'
 
     	ehCacheVersion = '3.10.8'
     	cacheApiVersion='1.1.1'
@@ -67,7 +67,7 @@ subprojects{
     	snakeyam="2.0"
     	jjwtVersion="0.9.1"
     	hibernateJpa21Api = "1.0.2.Final"
-    	log4j2Version="2.25.3"
+    	log4j2Version="2.25.4"
     	slf4jVersion="1.7.32"
     	esapiVersion="2.6.2.0"