From 95f5b9ec5119d110ed4c98b4f52f3ad5823bad6f Mon Sep 17 00:00:00 2001
From: Mike Brown <michael.brown@hmcts.net>
Date: Thu, 7 Sep 2023 16:46:08 +0100
Subject: [PATCH] AM-2923 CVE-2023-41080 tomcat upgraded to 9.0.80

---
 build.gradle                  | 4 ++--
 config/owasp/suppressions.xml | 4 ----
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/build.gradle b/build.gradle
index 33ef8244e..d4137ed23 100644
--- a/build.gradle
+++ b/build.gradle
@@ -394,8 +394,8 @@ dependencies {
     //CVE-2021-35515, CVE-2021-35516, CVE-2021-35517, CVE-2021-36090
     // To be cleaned up later
     implementation group: 'org.apache.commons', name: 'commons-compress', version: '1.21'
-    implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '9.0.78'
-    implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.78'
+    implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-websocket', version: '9.0.80'
+    implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.80'
 
     implementation group:'com.fasterxml.jackson.datatype', name:'jackson-datatype-jsr310'
     implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: versions.jacksondata
diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
index 4ed7d2a7f..a866b0379 100644
--- a/config/owasp/suppressions.xml
+++ b/config/owasp/suppressions.xml
@@ -13,8 +13,4 @@
         <notes>https://tools.hmcts.net/jira/browse/AM-2885 okio</notes>
         <cve>CVE-2023-3635</cve>
     </suppress>
-    <suppress>
-        <notes>https://tools.hmcts.net/jira/browse/AM-2923 tomcat</notes>
-        <cve>CVE-2023-41080</cve>
-    </suppress>
 </suppressions>