From 4e6f84b1fcfabb4048ecd8ff45bea4a3bc11c944 Mon Sep 17 00:00:00 2001
From: David Venable <dlv@amazon.com>
Date: Wed, 6 Dec 2023 15:49:58 -0600
Subject: [PATCH] Update to Logback 1.4.14 in performance test and sample app
 to fix CVE-2023-6481. Resolves #3817.

Signed-off-by: David Venable <dlv@amazon.com>
---
 .../sample-app/analytics-service/build.gradle                 | 2 +-
 performance-test/build.gradle                                 | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/examples/trace-analytics-sample-app/sample-app/analytics-service/build.gradle b/examples/trace-analytics-sample-app/sample-app/analytics-service/build.gradle
index 26848ef1d3..5d2f5b7cf8 100644
--- a/examples/trace-analytics-sample-app/sample-app/analytics-service/build.gradle
+++ b/examples/trace-analytics-sample-app/sample-app/analytics-service/build.gradle
@@ -31,7 +31,7 @@ configurations.all {
             details.useVersion '10.1.14'
             details.because('Fixes CVE-2023-44487')
         } else if (details.requested.group == 'ch.qos.logback') {
-            details.useVersion '1.4.12'
+            details.useVersion '1.4.14'
             details.because('Fixes CVE-2023-6378')
         }
     }
diff --git a/performance-test/build.gradle b/performance-test/build.gradle
index fa3d095564..0a182966ae 100644
--- a/performance-test/build.gradle
+++ b/performance-test/build.gradle
@@ -26,13 +26,13 @@ dependencies {
     constraints {
         gatling('ch.qos.logback:logback-classic') {
             version {
-                require '1.4.12'
+                require '1.4.14'
             }
             because 'Fixes CVE-2023-6378'
         }
         gatling('ch.qos.logback:logback-core') {
             version {
-                require '1.4.12'
+                require '1.4.14'
             }
             because 'Keeps the version synced with logback-classic.'
         }