From 4f0be6782de5b728b6f8d01361c396ebde21168e Mon Sep 17 00:00:00 2001
From: Michael Folz <folz@med.uni-frankfurt.de>
Date: Thu, 3 Nov 2022 17:04:01 +0100
Subject: [PATCH 1/3] No issue - bump version nr

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 47d0667..830b0ba 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
     <version>11.2.0</version>
   </parent>
   <artifactId>dehub-model</artifactId>
-  <version>2.2.1</version>
+  <version>2.3.0-SNAPSHOT</version>
   <name>de.dataelementhub.model</name>
   <description>DataElementHub Model</description>
 

From 603ae1f0d7ae15c18c9c0621dbfd2460ba572d3c Mon Sep 17 00:00:00 2001
From: Michael Folz <folz@med.uni-frankfurt.de>
Date: Thu, 3 Nov 2022 17:09:15 +0100
Subject: [PATCH 2/3] No issue - update dependencies (gson, jackson,
 json-validator, zip4j, tomcat embed)

---
 pom.xml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/pom.xml b/pom.xml
index 830b0ba..b2bccc7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,7 @@
     <dependency>
       <groupId>com.google.code.gson</groupId>
       <artifactId>gson</artifactId>
-      <version>2.9.0</version>
+      <version>2.10</version>
     </dependency>
     <dependency>
       <groupId>de.dataelementhub</groupId>
@@ -46,7 +46,7 @@
     <dependency>
       <groupId>com.networknt</groupId>
       <artifactId>json-schema-validator</artifactId>
-      <version>1.0.70</version>
+      <version>1.0.73</version>
     </dependency>
     <dependency>
       <groupId>org.simpleflatmapper</groupId>
@@ -66,12 +66,12 @@
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-annotations</artifactId>
-      <version>2.13.3</version>
+      <version>2.13.4</version>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
-      <version>2.13.3</version>
+      <version>2.13.4.2</version>
     </dependency>
     <dependency>
       <artifactId>org.eclipse.persistence.moxy</artifactId>
@@ -81,7 +81,7 @@
     <dependency>
       <groupId>net.lingala.zip4j</groupId>
       <artifactId>zip4j</artifactId>
-      <version>2.10.0</version>
+      <version>2.11.2</version>
     </dependency>
     <dependency>
       <groupId>org.eclipse.persistence</groupId>
@@ -113,12 +113,12 @@
     <dependency>
       <groupId>org.json</groupId>
       <artifactId>json</artifactId>
-      <version>20220320</version>
+      <version>20220924</version>
     </dependency>
     <dependency>
       <groupId>org.apache.tomcat.embed</groupId>
       <artifactId>tomcat-embed-core</artifactId>
-      <version>10.0.20</version>
+      <version>10.1.0</version>
     </dependency>
     <dependency>
       <groupId>jakarta.xml.bind</groupId>
@@ -128,7 +128,7 @@
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-core</artifactId>
-      <version>2.13.3</version>
+      <version>2.13.4</version>
     </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>

From f1a6ae75165a5ffdcef3759c73af22f427422419 Mon Sep 17 00:00:00 2001
From: Michael Folz <folz@med.uni-frankfurt.de>
Date: Thu, 3 Nov 2022 17:11:38 +0100
Subject: [PATCH 3/3] Release 2.2.2

- enhance changelog
- update pom.xml
---
 CHANGELOG.md | 4 ++++
 pom.xml      | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d7799f3..16c11a2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.2.2] - 2022-11-03
+### Security
+- Update dependencies, including jackson lib due to [CVE-2022-42003](https://devhub.checkmarx.com/cve-details/CVE-2022-42003/) and [CVE-2022-42004](https://devhub.checkmarx.com/cve-details/CVE-2022-42004/)
+
 ## [2.2.1] - 2022-11-03
 ### Fixed
 - There was a bug in the search function that occurred when private namespaces from other users are present [[#105](https://github.com/mig-frankfurt/dataelementhub.model/issues/105)]
diff --git a/pom.xml b/pom.xml
index b2bccc7..a96c893 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
     <version>11.2.0</version>
   </parent>
   <artifactId>dehub-model</artifactId>
-  <version>2.3.0-SNAPSHOT</version>
+  <version>2.2.2</version>
   <name>de.dataelementhub.model</name>
   <description>DataElementHub Model</description>