diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5e51318..1cf6ed9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
## [Unreleased]
### Security
+- Upgraded Spring to 2.6.7 & Maven/Ruby containers to latest versions
+ [conjurdemos/pet-store-demo#48](https://github.com/conjurdemos/pet-store-demo/pull/48)
- Upgraded Postgres to 42.3.2 to resolve CVE-2022-21724
[conjurdemos/pet-store-demo#45](https://github.com/conjurdemos/pet-store-demo/pull/45)
diff --git a/Dockerfile b/Dockerfile
index fccfbd0..bf6d141 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,7 +4,7 @@
# STAGE:
# Fetch summon
-FROM ruby:2.5 as summon
+FROM ruby:3.0 as summon
RUN apt-get update && \
apt-get install -y --no-install-recommends curl
@@ -17,7 +17,7 @@ RUN curl -sSL https://raw.githubusercontent.com/cyberark/summon/master/install.s
# STAGE:
# The 'maven' base is used to package the application
-FROM maven:3.8.4-openjdk-11-slim as maven
+FROM maven:3.8.5-openjdk-11-slim as maven
WORKDIR /app
@@ -38,6 +38,9 @@ RUN mvn package && cp target/petstore-*.jar app.jar
FROM openjdk:11-jdk-slim
LABEL org.opencontainers.image.authors="CyberArk"
+# Install the fix for CVE-2022-1271
+RUN apt-get update && apt-get dist-upgrade -y
+
COPY --from=summon /usr/local/lib/summon /usr/local/lib/summon
COPY --from=summon /usr/local/bin/summon /usr/local/bin/summon
COPY --from=maven /app/app.jar /app.jar
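Review bot: The added `RUN apt-get update && apt-get dist-upgrade -y` in the final stage upgrades every package to whatever the mirror serves on build day, so the image is not reproducible and nothing in the Dockerfile shows which package carries the CVE-2022-1271 fix. The layer also keeps the apt index files, and once it is cached a rebuild will not pick up later fixes unless the cache is invalidated. Prefer moving `openjdk:11-jdk-slim` to a tag or digest that already contains the fix; if the upgrade has to stay, clean up in the same layer with `RUN apt-get update && apt-get dist-upgrade -y && rm -rf /var/lib/apt/lists/*` and have the comment name the patched package. The final stage continues past this hunk, so it is not visible here whether a non-root `USER` is set further down.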
diff --git a/pom.xml b/pom.xml
index 331d8ec..4da99a5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,14 +10,14 @@
org.springframework.boot
spring-boot-starter-parent
- 2.6.2
+ 2.6.7
org.springframework.boot
spring-boot-starter-web
- 2.6.2
+ 2.6.7
org.postgresql
@@ -37,7 +37,7 @@
org.springframework.boot
spring-boot-starter-data-jpa
- 2.6.2
+ 2.6.7
javax.xml.bind
@@ -47,7 +47,7 @@
org.springframework.boot
spring-boot-starter-validation
- 2.6.2
+ 2.6.7