spring-social-dropbox
Updated libraries for multiple vulnerable dependency paths
The project is successfully building and all tests are passing with the updates below.
The PR includes:
- pom.xml with updated dependencies that do not contain any known vulnerabilities
Note: This update does not cover the known vulnerabilities (6 Medium/3 Low Risk) in org.springframework.social:[email protected]. If I get some time I might take a look at a later date.
Below are the additional details on the vulnerabilities that have been fixed with the PR. This update will reduce the potential risk to a user and system.
- com.fasterxml.jackson.core:jackson-core
  - Denial of Service (DoS) - https://www.sourceclear.com/registry/security/denial-of-service-dos-/java/sid-2857
  - Deserialization of Untrusted Data - https://www.sourceclear.com/registry/security/remote-code-execution-rce-through-deserialization/java/sid-3929/summary
- org.springframework.security:spring-security-core
  - Timing Attack Due To Password Comparison - https://www.sourceclear.com/registry/security/timing-attack-due-to-password-comparison/java/sid-2784/summary
  - Authentication Bypass - https://www.sourceclear.com/registry/security/authentication-bypass-in-activedirectoryldapauthenticator/java/sid-1819/summary
  - Deserialization of Untrusted Data
- org.springframework.social-version to 1.1.3
  - Denial of Service (DoS) - https://www.sourceclear.com/registry/security/denial-of-service-dos-xml-bomb/java/sid-1799/summary
  - XML External Entity (XXE) Injection - https://www.sourceclear.com/registry/security/information-disclosure-through-timing-attack/java/sid-1810/summary
  - Directory Traversal - https://www.sourceclear.com/registry/security/file-access-through-directory-traversal/java/sid-1498/summary
  - Directory Traversal - https://www.sourceclear.com/registry/security/directory-traversal-vulnerability/java/sid-1580/summary
  - Reflected File Download - https://www.sourceclear.com/registry/security/reflected-file-download-rfd-attack/java/sid-1800/summary
- org.springframework-version to 3.2.18.RELEASE and adding [email protected] to fix a transitive dependency in the Spring Framework
  - Cross-Site Request Forgery (CSRF) - https://www.sourceclear.com/registry/security/xml-external-entity-xxe-in-jaxb2rootelementhttpmessageconverter/java/sid-766/summary
  - Cross-site Scripting (XSS) - https://www.sourceclear.com/registry/security/cross-site-scripting-xss-through-the-requested-uri/java/sid-756/summary
  - Directory Traversal - https://www.sourceclear.com/registry/security/directory-traversal/java/sid-3179/summary
  - Cross-site Scripting (XSS) - https://www.sourceclear.com/registry/security/cross-site-scripting-xss-in-javascriptutils-javascriptescape-/java/sid-1834/summary
  - XML External Entity (XXE) - https://www.sourceclear.com/registry/security/xml-external-entity-xxe-when-using-the-jaxb-marshaller/java/sid-821/summary
  - XML External Entity (XXE) Injection - https://www.sourceclear.com/registry/security/xml-external-entity-xxe-in-stax-xmlinputfactory/java/sid-786/summary
  - XML External Entity (XXE) Injection - https://www.sourceclear.com/registry/security/xml-external-entity-xxe-in-sourcehttpmessageconverter/java/sid-791/summary
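The PR bumps two Maven version properties and adds a direct dependency so that a vulnerable Spring Framework module pulled in transitively resolves to the patched release. The fragment below is an added example written for this page, not the PR's actual pom.xml: it uses the two property names and versions the PR states, marks every value the PR does not give (coordinates, Jackson and Spring Security versions) as PLACEHOLDER, and assumes spring-social-core is what drags in spring-core and spring-web. It also shows dependencyManagement, which the PR does not mention, because a single direct dependency only wins on the path where it is nearest, while dependencyManagement pins the version on every path.

```xml
<!-- Added example, not the project's pom.xml. PLACEHOLDER values are not on the page. -->
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <groupId>PLACEHOLDER</groupId>
  <artifactId>PLACEHOLDER</artifactId>
  <version>PLACEHOLDER</version>

  <properties>
    <!-- Versions named in the PR description -->
    <org.springframework-version>3.2.18.RELEASE</org.springframework-version>
    <org.springframework.social-version>1.1.3</org.springframework.social-version>
    <!-- Versions the PR does not state: choose the current patched releases -->
    <jackson-version>PLACEHOLDER</jackson-version>
    <spring-security-version>PLACEHOLDER</spring-security-version>
  </properties>

  <!-- Managed versions override whatever version a transitive dependency
       (assumed here: spring-social-core bringing in spring-core / spring-web)
       would otherwise resolve, on every dependency path, not just the nearest. -->
  <dependencyManagement>
    <dependencies>
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-core</artifactId>
        <version>${org.springframework-version}</version>
      </dependency>
      <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-web</artifactId>
        <version>${org.springframework-version}</version>
      </dependency>
    </dependencies>
  </dependencyManagement>

  <dependencies>
    <dependency>
      <groupId>org.springframework.social</groupId>
      <artifactId>spring-social-core</artifactId>
      <version>${org.springframework.social-version}</version>
    </dependency>
    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-core</artifactId>
      <version>${spring-security-version}</version>
    </dependency>
    <dependency>
      <groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-core</artifactId>
      <version>${jackson-version}</version>
    </dependency>
    <!-- Direct declaration of the Spring module, the approach the PR takes for
         the artifact it elides: Maven's nearest-wins rule makes this version
         beat the transitive copy; the managed versions above cover any other path. -->
    <dependency>
      <groupId>org.springframework</groupId>
      <artifactId>spring-web</artifactId>
      <version>${org.springframework-version}</version>
    </dependency>
  </dependencies>
</project>
```

After applying such a change, confirm the override actually took effect on every path with `mvn dependency:tree -Dincludes=org.springframework` and check that no line still resolves a Spring Framework module to a version below 3.2.18.RELEASE; a dependency scanner reporting against the resolved tree (not the declared versions) is the stronger check, since it is the resolved artifact that ships.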