From 57b860ee97f51257f3153a76cf404922353cee61 Mon Sep 17 00:00:00 2001
From: Automatic Dependency Updater
Date: Sat, 21 Sep 2024 02:21:33 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=90=20Update=20dependencies=20to=20fix?=
 =?UTF-8?q?=20vulnerabilities?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 dependencies.md | 22 +++++------
 doc/changes/changelog.md | 1 +
 doc/changes/changes_2.8.3.md | 74 ++++++++++++++++++++++++++++++++++++
 doc/user_guide/user_guide.md | 20 +++++-----
 pk_generated_parent.pom | 2 +-
 pom.xml | 64 +++++++++++++++----------------
 6 files changed, 129 insertions(+), 54 deletions(-)
 create mode 100644 doc/changes/changes_2.8.3.md

diff --git a/dependencies.md b/dependencies.md
index c67f886e..9f404e84 100644
--- a/dependencies.md
+++ b/dependencies.md
@@ -16,20 +16,20 @@
 | [snappy-java][10] | [Apache-2.0][11] |
 | [Import Export UDF Common Scala][12] | [MIT License][13] |
 | [error-reporting-java][14] | [MIT License][15] |
-| Apache Hadoop Common | [Apache License, Version 2.0][3] |
+| Apache Hadoop Common | [Apache-2.0][3] |
 | [dnsjava][16] | [BSD-3-Clause][17] |
 | [JSch][18] | [Revised BSD][19]; [Revised BSD][20]; [ISC][21] |
-| Apache Hadoop Amazon Web Services support | [Apache License, Version 2.0][3] |
+| Apache Hadoop Amazon Web Services support | [Apache-2.0][3] |
 | [Apache ZooKeeper - Server][22] | [Apache License, Version 2.0][3] |
-| Apache Hadoop Azure support | [Apache License, Version 2.0][3] |
-| Apache Hadoop Azure Data Lake support | [Apache License, Version 2.0][3] |
-| Apache Hadoop HDFS | [Apache License, Version 2.0][3] |
-| Apache Hadoop HDFS Client | [Apache License, Version 2.0][3] |
+| Apache Hadoop Azure support | [Apache-2.0][3] |
+| Apache Hadoop Azure Data Lake support | [Apache-2.0][3] |
+| Apache Hadoop HDFS | [Apache-2.0][3] |
+| Apache Hadoop HDFS Client | [Apache-2.0][3] |
 | [Kotlin Stdlib][23] | [The Apache License, Version 2.0][6] |
 | [Alluxio Core - Client - HDFS][24] | [Apache License][25] |
 | [Metrics Core][26] | [Apache License 2.0][11] |
 | [Protocol Buffers [Core]][27] | [BSD-3-Clause][17] |
-| [gcs-connector-hadoop3][28] | [Apache License, Version 2.0][6] |
+| [gcs-connector][28] | [Apache License, Version 2.0][3] |
 | [Google OAuth Client Library for Java][29] | [The Apache Software License, Version 2.0][3] |
 | [ORC Core][30] | [Apache License, Version 2.0][3] |
 | [aircompressor][31] | [Apache License 2.0][11] |
@@ -37,7 +37,7 @@
 | [Apache Commons Compress][33] | [Apache-2.0][3] |
 | [Nimbus JOSE+JWT][34] | [The Apache Software License, Version 2.0][3] |
 | [delta-core][35] | [Apache-2.0][36] |
-| [Spark Project SQL][37] | [Apache 2.0 License][38] |
+| [Spark Project SQL][37] | [Apache-2.0][38] |
 | [Apache Ivy][39] | [The Apache Software License, Version 2.0][6] |
 | [Parquet for Java][40] | [MIT License][41] |
 | [JUL to SLF4J bridge][42] | [MIT License][43] |
@@ -59,7 +59,7 @@
 | [scalatest][62] | [the Apache License, ASL Version 2.0][36] |
 | [scalatestplus-mockito][63] | [Apache-2.0][36] |
 | [mockito-core][64] | [MIT][65] |
-| [Hamcrest][66] | [BSD License 3][67] |
+| [Hamcrest][66] | [BSD-3-Clause][67] |
 | [testcontainers-scala-scalatest][68] | [The MIT License (MIT)][65] |
 | [Testcontainers :: Localstack][69] | [MIT][70] |
 | [Test containers for Exasol on Docker][71] | [MIT License][72] |
@@ -144,7 +144,7 @@
 [25]: https://github.com/alluxio/alluxio/blob/master/LICENSE
 [26]: https://metrics.dropwizard.io/metrics-core
 [27]: https://developers.google.com/protocol-buffers/protobuf-java/
-[28]: https://github.com/GoogleCloudPlatform/BigData-interop/gcs-connector/
+[28]: https://github.com/GoogleCloudDataproc/hadoop-connectors/gcs-connector
 [29]: https://github.com/googleapis/google-oauth-java-client/google-oauth-client
 [30]: https://orc.apache.org/orc-core
 [31]: https://github.com/airlift/aircompressor
@@ -183,7 +183,7 @@
 [64]: https://github.com/mockito/mockito
 [65]: https://opensource.org/licenses/MIT
 [66]: http://hamcrest.org/JavaHamcrest/
-[67]: http://opensource.org/licenses/BSD-3-Clause
+[67]: https://raw.githubusercontent.com/hamcrest/JavaHamcrest/master/LICENSE
 [68]: https://github.com/testcontainers/testcontainers-scala
 [69]: https://java.testcontainers.org
 [70]: http://opensource.org/licenses/MIT
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
index bafd6fd9..b811d7e3 100644
--- a/doc/changes/changelog.md
+++ b/doc/changes/changelog.md
@@ -1,5 +1,6 @@
 # Changes
 
+* [2.8.3](changes_2.8.3.md)
 * [2.8.2](changes_2.8.2.md)
 * [2.8.1](changes_2.8.1.md)
 * [2.8.0](changes_2.8.0.md)
diff --git a/doc/changes/changes_2.8.3.md b/doc/changes/changes_2.8.3.md
new file mode 100644
index 00000000..429e04e7
--- /dev/null
+++ b/doc/changes/changes_2.8.3.md
@@ -0,0 +1,74 @@
+# Cloud Storage Extension 2.8.3, released 2024-??-??
+
+Code name: Fixed vulnerability CVE-2024-7254 in com.google.protobuf:protobuf-java:jar:3.25.4:compile
+
+## Summary
+
+This release fixes the following vulnerability:
+
+### CVE-2024-7254 (CWE-20) in dependency `com.google.protobuf:protobuf-java:jar:3.25.4:compile`
+Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the stack limit i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.
+#### References
+* https://ossindex.sonatype.org/vulnerability/CVE-2024-7254?component-type=maven&component-name=com.google.protobuf%2Fprotobuf-java&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
+* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-7254
+* https://github.com/advisories/GHSA-735f-pc8j-v9w8
+
+## Security
+
+* #324: Fixed vulnerability CVE-2024-7254 in dependency `com.google.protobuf:protobuf-java:jar:3.25.4:compile`
+
+## Dependency Updates
+
+### Cloud Storage Extension
+
+#### Compile Dependency Updates
+
+* Updated `com.github.mwiede:jsch:0.2.18` to `0.2.20`
+* Updated `com.google.cloud.bigdataoss:gcs-connector:1.9.4-hadoop3` to `3.0.2`
+* Updated `com.google.guava:guava:33.2.1-jre` to `33.3.0-jre`
+* Updated `com.google.protobuf:protobuf-java:3.25.4` to `4.28.2`
+* Updated `com.nimbusds:nimbus-jose-jwt:9.40` to `9.41.1`
+* Updated `io.airlift:aircompressor:0.27` to `2.0.2`
+* Updated `io.dropwizard.metrics:metrics-core:4.2.26` to `4.2.27`
+* Updated `io.grpc:grpc-netty:1.65.1` to `1.68.0`
+* Updated `io.netty:netty-codec-http2:4.1.112.Final` to `4.1.113.Final`
+* Updated `org.alluxio:alluxio-core-client-hdfs:300` to `313`
+* Updated `org.apache.avro:avro:1.11.3` to `1.12.0`
+* Updated `org.apache.commons:commons-compress:1.26.2` to `1.27.1`
+* Updated `org.apache.commons:commons-lang3:3.15.0` to `3.17.0`
+* Updated `org.apache.hadoop:hadoop-aws:3.3.6` to `3.4.0`
+* Updated `org.apache.hadoop:hadoop-azure-datalake:3.3.6` to `3.4.0`
+* Updated `org.apache.hadoop:hadoop-azure:3.3.6` to `3.4.0`
+* Updated `org.apache.hadoop:hadoop-common:3.3.6` to `3.4.0`
+* Updated `org.apache.hadoop:hadoop-hdfs-client:3.3.6` to `3.4.0`
+* Updated `org.apache.hadoop:hadoop-hdfs:3.3.6` to `3.4.0`
+* Updated `org.apache.logging.log4j:log4j-1.2-api:2.23.1` to `2.24.0`
+* Updated `org.apache.logging.log4j:log4j-api:2.23.1` to `2.24.0`
+* Updated `org.apache.logging.log4j:log4j-core:2.23.1` to `2.24.0`
+* Updated `org.apache.orc:orc-core:1.9.4` to `2.0.2`
+* Updated `org.apache.spark:spark-sql_2.13:3.4.1` to `4.0.0-preview2`
+* Updated `org.glassfish.jersey.containers:jersey-container-servlet-core:2.43` to `3.1.8`
+* Updated `org.glassfish.jersey.containers:jersey-container-servlet:2.43` to `3.1.8`
+* Updated `org.glassfish.jersey.core:jersey-client:2.43` to `3.1.8`
+* Updated `org.glassfish.jersey.core:jersey-common:2.43` to `3.1.8`
+* Updated `org.glassfish.jersey.core:jersey-server:2.43` to `3.1.8`
+* Updated `org.glassfish.jersey.inject:jersey-hk2:2.43` to `3.1.8`
+* Updated `org.jetbrains.kotlin:kotlin-stdlib:1.9.25` to `2.0.20`
+* Updated `org.scala-lang:scala-library:2.13.11` to `2.13.15`
+* Updated `org.slf4j:jul-to-slf4j:2.0.13` to `2.0.16`
+* Updated `org.xerial.snappy:snappy-java:1.1.10.5` to `1.1.10.7`
+
+#### Runtime Dependency Updates
+
+* Updated `ch.qos.logback:logback-classic:1.5.6` to `1.5.8`
+* Updated `ch.qos.logback:logback-core:1.5.6` to `1.5.8`
+
+#### Test Dependency Updates
+
+* Updated `com.exasol:exasol-testcontainers:7.1.0` to `7.1.1`
+* Updated `com.exasol:hamcrest-resultset-matcher:1.6.5` to `1.7.0`
+* Updated `nl.jqno.equalsverifier:equalsverifier:3.16.1` to `3.16.2`
+* Updated `org.hamcrest:hamcrest:2.2` to `3.0`
+* Updated `org.junit.jupiter:junit-jupiter-engine:5.10.3` to `5.11.0`
+* Updated `org.mockito:mockito-core:5.12.0` to `5.13.0`
+* Updated `org.testcontainers:localstack:1.20.0` to `1.20.1`
diff --git a/doc/user_guide/user_guide.md b/doc/user_guide/user_guide.md
index 37babec5..6f935c0b 100644
--- a/doc/user_guide/user_guide.md
+++ b/doc/user_guide/user_guide.md
@@ -150,7 +150,7 @@ downloaded jar file is the same as the checksum provided in the releases. To check the SHA256 result of the local jar, run the command: ```sh -sha256sum exasol-cloud-storage-extension-2.8.2.jar +sha256sum exasol-cloud-storage-extension-2.8.3.jar ``` ### Building From Source @@ -180,7 +180,7 @@ mvn clean package -DskipTests=true ``` The assembled jar file should be located at -`target/exasol-cloud-storage-extension-2.8.2.jar`. +`target/exasol-cloud-storage-extension-2.8.3.jar`. ### Create an Exasol Bucket @@ -202,7 +202,7 @@ for the HTTP protocol. Upload the jar file using curl command: ```sh -curl -X PUT -T exasol-cloud-storage-extension-2.8.2.jar \ +curl -X PUT -T exasol-cloud-storage-extension-2.8.3.jar \ http://w:@exasol.datanode.domain.com:2580// ``` @@ -234,7 +234,7 @@ OPEN SCHEMA CLOUD_STORAGE_EXTENSION; CREATE OR REPLACE JAVA SET SCRIPT IMPORT_PATH(...) EMITS (...) AS %scriptclass com.exasol.cloudetl.scriptclasses.FilesImportQueryGenerator; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / CREATE OR REPLACE JAVA SCALAR SCRIPT IMPORT_METADATA(...) EMITS ( 
@@ -244,12 +244,12 @@ CREATE OR REPLACE JAVA SCALAR SCRIPT IMPORT_METADATA(...) EMITS ( end_index DECIMAL(36, 0) ) AS %scriptclass com.exasol.cloudetl.scriptclasses.FilesMetadataReader; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / CREATE OR REPLACE JAVA SET SCRIPT IMPORT_FILES(...) EMITS (...) AS %scriptclass com.exasol.cloudetl.scriptclasses.FilesDataImporter; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / ``` @@ -268,12 +268,12 @@ OPEN SCHEMA CLOUD_STORAGE_EXTENSION; CREATE OR REPLACE JAVA SET SCRIPT EXPORT_PATH(...) EMITS (...) AS %scriptclass com.exasol.cloudetl.scriptclasses.TableExportQueryGenerator; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / CREATE OR REPLACE JAVA SET SCRIPT EXPORT_TABLE(...) EMITS (ROWS_AFFECTED INT) AS %scriptclass com.exasol.cloudetl.scriptclasses.TableDataExporter; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / ``` @@ -407,13 +407,13 @@ CREATE OR REPLACE JAVA SCALAR SCRIPT IMPORT_METADATA(...) EMITS ( ) AS %jvmoption -DHTTPS_PROXY=http://username:password@10.10.1.10:1180 %scriptclass com.exasol.cloudetl.scriptclasses.FilesMetadataReader; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / CREATE OR REPLACE JAVA SET SCRIPT IMPORT_FILES(...) EMITS (...) AS %jvmoption -DHTTPS_PROXY=http://username:password@10.10.1.10:1180 %scriptclass com.exasol.cloudetl.scriptclasses.FilesDataImporter; - %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.2.jar; + %jar /buckets/bfsdefault//exasol-cloud-storage-extension-2.8.3.jar; / ``` 
diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom index 4d0c1014..e9918bfb 100644 --- a/pk_generated_parent.pom +++ b/pk_generated_parent.pom @@ -3,7 +3,7 @@ 4.0.0 com.exasol cloud-storage-extension-generated-parent - 2.8.2 + 2.8.3 pom UTF-8 diff --git a/pom.xml b/pom.xml index d739f80f..93e65692 100644 --- a/pom.xml +++ b/pom.xml @@ -3,23 +3,23 @@ 4.0.0 com.exasol cloud-storage-extension - 2.8.2 + 2.8.3 Cloud Storage Extension Exasol Cloud Storage Import And Export Extension https://github.com/exasol/cloud-storage-extension/ cloud-storage-extension-generated-parent com.exasol - 2.8.2 + 2.8.3 pk_generated_parent.pom - 2.13.11 + 2.13.15 2.13 - 3.3.6 - 2.43 - 2.23.1 - 1.5.6 + 3.4.0 + 3.1.8 + 2.24.0 + 1.5.8 src/main/,extension/src/ extension/src/*.test.ts src/test/,extension/src @@ -35,7 +35,7 @@ org.apache.commons commons-lang3 - 3.15.0 + 3.17.0 @@ -52,24 +52,24 @@ com.google.guava guava - 33.2.1-jre + 33.3.0-jre io.grpc grpc-netty - 1.65.1 + 1.68.0 io.netty netty-codec-http2 - 4.1.112.Final + 4.1.113.Final org.xerial.snappy snappy-java - 1.1.10.5 + 1.1.10.7 com.exasol @@ -197,7 +197,7 @@ com.github.mwiede jsch - 0.2.18 + 0.2.20 org.apache.hadoop @@ -312,13 +312,13 @@ org.jetbrains.kotlin kotlin-stdlib - 1.9.25 + 2.0.20 org.alluxio alluxio-core-client-hdfs - 300 + 313 log4j @@ -403,17 +403,17 @@ io.dropwizard.metrics metrics-core - 4.2.26 + 4.2.27 com.google.protobuf protobuf-java - 3.25.4 + 4.28.2 com.google.cloud.bigdataoss gcs-connector - 1.9.4-hadoop3 + 3.0.2 @@ -424,7 +424,7 @@ org.apache.orc orc-core - 1.9.4 + 2.0.2 @@ -442,12 +442,12 @@ io.airlift aircompressor - 0.27 + 2.0.2 org.apache.avro avro - 1.11.3 + 1.12.0 @@ -464,13 +464,13 @@ org.apache.commons commons-compress - 1.26.2 + 1.27.1 com.nimbusds nimbus-jose-jwt - 9.40 + 9.41.1 io.delta @@ -480,7 +480,7 @@ org.apache.spark spark-sql_${scala.compat.version} - 3.4.1 + 4.0.0-preview2 @@ -552,7 +552,7 @@ org.slf4j jul-to-slf4j - 2.0.13 + 2.0.16 org.apache.logging.log4j 
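Review bot: The `spark-sql_${scala.compat.version}` bump in the `@@ -480,7 +480,7 @@` hunk moves a compile-scope dependency to `4.0.0-preview2`, a pre-release line, in a commit whose stated purpose is fixing CVE-2024-7254 in protobuf-java. Preview artifacts carry no stability or security-maintenance commitment, so pinning one in a release build widens the supply-chain surface rather than narrowing it; the CVE fix itself needs only the protobuf-java change in the `@@ -403,17 +403,17 @@` hunk. The same commit also crosses major versions for protobuf-java (3.25.4 → 4.28.2), the jersey artifacts (2.43 → 3.1.8, which presumably brings the javax → jakarta namespace change), orc-core, aircompressor and the hadoop line, none of which is accompanied by a test-suite change here — confirm the integration tests were run against exactly these versions. Consider keeping Spark on the latest 3.x patch release (placeholder: `<version>3.5.x</version>`, check the current 3.5 patch) and landing the unrelated major upgrades in a separate, reviewed change.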
@@ -590,13 +590,13 @@ org.mockito mockito-core - 5.12.0 + 5.13.0 test org.hamcrest hamcrest - 2.2 + 3.0 test @@ -608,13 +608,13 @@ org.testcontainers localstack - 1.20.0 + 1.20.1 test com.exasol exasol-testcontainers - 7.1.0 + 7.1.1 test @@ -626,19 +626,19 @@ com.exasol hamcrest-resultset-matcher - 1.6.5 + 1.7.0 test nl.jqno.equalsverifier equalsverifier - 3.16.1 + 3.16.2 test org.junit.jupiter junit-jupiter-engine - 5.10.3 + 5.11.0 test