From 3372f04e62589391830dc33b43d53ab9f1d829c7 Mon Sep 17 00:00:00 2001 From: adityagajbhiye9 <133367448+adityagajbhiye9@users.noreply.github.com> Date: Wed, 6 Dec 2023 17:54:59 +0530 Subject: [PATCH 1/4] [Fix|sde-backend] build image securityfix - build image security fix . --- CHANGELOG.md | 1 + build/Dockerfile | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2312e309f..e2a421078 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] ### Fixed - fixed veracode security in app CVE-2023-46589 and CVE-2023-34053 . +- build base image version. ## [2.3.2] - 2023-12-01 ### Fixed diff --git a/build/Dockerfile b/build/Dockerfile index 2c2483878..6a6673c5c 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -18,7 +18,7 @@ # SPDX-License-Identifier: Apache-2.0 ################################################################################ # our base build image -FROM maven:3.9.0-eclipse-temurin-19 AS build +FROM maven:3.9.5-eclipse-temurin-17 AS build # copy the project files COPY ../pom.xml ./pom.xml From 98ed5732ccffc5bd59697bc213044cf26e49ce8e Mon Sep 17 00:00:00 2001 From: adityagajbhiye9 <133367448+adityagajbhiye9@users.noreply.github.com> Date: Wed, 6 Dec 2023 17:58:58 +0530 Subject: [PATCH 2/4] updated changelog.md --- CHANGELOG.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e2a421078..4c430aba8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,10 +2,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -## [Unreleased] +## [2.3.3] ### Fixed - fixed veracode security in app CVE-2023-46589 and CVE-2023-34053 . -- build base image version. +- build base image version. ## [2.3.2] - 2023-12-01 ### Fixed 
@@ -257,7 +257,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - Compliance with Catena-X Guidelines - Integration with Digital Twin registry service. -[unreleased]: https://github.com/eclipse-tractusx/managed-simple-data-exchanger-backend/compare/v2.3.2...main +[unreleased]: https://github.com/eclipse-tractusx/managed-simple-data-exchanger-backend/compare/v2.3.3...main +[2.3.3]: https://github.com/eclipse-tractusx/managed-simple-data-exchanger-backend/compare/v2.3.2...v2.3.3 [2.3.2]: https://github.com/eclipse-tractusx/managed-simple-data-exchanger-backend/compare/v2.3.1...v2.3.2 [2.3.1]: https://github.com/eclipse-tractusx/managed-simple-data-exchanger-backend/compare/v2.3.0...v2.3.1 [2.3.0]: https://github.com/eclipse-tractusx/managed-simple-data-exchanger-backend/compare/v2.2.0...v2.3.0 From ca4fca1f0207208096f4dc07dd3aa14364e08508 Mon Sep 17 00:00:00 2001 From: adityagajbhiye9 <133367448+adityagajbhiye9@users.noreply.github.com> Date: Wed, 6 Dec 2023 18:31:13 +0530 Subject: [PATCH 3/4] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4c430aba8..e18ba1a31 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -## [2.3.3] +## [2.3.3] - 2023-12-06 ### Fixed - fixed veracode security in app CVE-2023-46589 and CVE-2023-34053 . - build base image version. From 4589f3ec0290070fbe905fa926da7717af308e64 Mon Sep 17 00:00:00 2001 From: Sachin Argade Date: Wed, 6 Dec 2023 19:14:56 +0530 Subject: [PATCH 4/4] webmvc trivy issue fix --- DEPENDENCIES | 2 +- pom.xml | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/DEPENDENCIES b/DEPENDENCIES index 4d0cc1b7f..0d6a938cf 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES 
@@ -150,7 +150,7 @@ maven/mavencentral/org.springframework/spring-orm/6.0.9, Apache-2.0, approved, # maven/mavencentral/org.springframework/spring-test/6.0.9, Apache-2.0, approved, #7003 maven/mavencentral/org.springframework/spring-tx/6.0.9, Apache-2.0, approved, #5926 maven/mavencentral/org.springframework/spring-web/6.0.14, Apache-2.0, approved, #5942 -maven/mavencentral/org.springframework/spring-webmvc/6.0.9, Apache-2.0, approved, #5944 +maven/mavencentral/org.springframework/spring-webmvc/6.0.14, Apache-2.0, approved, #5944 maven/mavencentral/org.webjars/swagger-ui/4.15.5, Apache-2.0 AND MIT, approved, #5921 maven/mavencentral/org.webjars/webjars-locator-core/0.52, MIT, approved, clearlydefined maven/mavencentral/org.xmlunit/xmlunit-core/2.9.1, Apache-2.0, approved, #6272 diff --git a/pom.xml b/pom.xml index 6ea404d80..663437c7d 100644 --- a/pom.xml +++ b/pom.xml @@ -103,6 +103,10 @@ org.springframework spring-web + + org.springframework + spring-webmvc + @@ -115,6 +119,11 @@ spring-web 6.0.14 + + org.springframework + spring-webmvc + 6.0.14 + ch.qos.logback logback-classic
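Review bot: In PATCH 1/4, CHANGELOG.md, the added entry `- build base image version.` does not say what changed or why. Suggest naming the old and new tags from build/Dockerfile (`maven:3.9.0-eclipse-temurin-19` to `maven:3.9.5-eclipse-temurin-17`) and the finding that motivated the change, the same way the entry above it names its CVEs.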
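Review bot: In PATCH 1/4, build/Dockerfile, the new `FROM maven:3.9.5-eclipse-temurin-17 AS build` line lowers the JDK major version from 19 to 17 while raising Maven from 3.9.0 to 3.9.5, and neither the commit message nor the changelog entry mentions the JDK change. Please confirm that the compiler release level in pom.xml and any later stage of this multi-stage build are compatible with Java 17, and state the reason for the move in the commit message. Since this is labelled a security fix, consider also pinning the base image by digest (`maven:3.9.5-eclipse-temurin-17@sha256:<digest>`, with the real digest filled in) so that a rebuild cannot pick up a different image under the same tag.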
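Review bot: In PATCH 2/4, CHANGELOG.md first hunk, replacing `## [Unreleased]` with `## [2.3.3]` leaves the file without an Unreleased section, although the second hunk keeps the `[unreleased]` compare link. Keep an empty `## [Unreleased]` heading above the new release heading, as the Keep a Changelog format cited at the top of the file recommends. The release heading also lacks its date here and only gets `- 2023-12-06` in PATCH 3/4, so the three changelog commits could be squashed into one.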
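Review bot: In PATCH 4/4, DEPENDENCIES, the spring-webmvc line changes the version to 6.0.14 but carries over the approval reference `#5944` that was recorded against 6.0.9. Regenerate the file with the project's licence-check tooling rather than editing the version by hand, so the recorded approval matches the artifact that is actually shipped. The context lines also still list spring-orm, spring-test and spring-tx at 6.0.9, so after this change the build mixes Spring Framework 6.0.9 and 6.0.14 modules; please check whether the fix should raise the whole framework version instead of individual artifacts.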
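Review bot: In PATCH 4/4, pom.xml hunk `@@ -115,6 +119,11 @@`, spring-webmvc is pinned to the literal `6.0.14`, duplicating the literal already used for spring-web in the lines just above. Put the version in a single property and reference it from both entries so the two artifacts cannot drift apart on the next bump. The commit message "webmvc trivy issue fix" does not identify the finding either; name the CVE or Trivy id in the message and add a CHANGELOG.md entry, which this patch does not touch.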