fix: Fix some CVEs

[MichaelsJP]

spring-web 6.0.14 6.0.18 java-archive GHSA-hgjh-9rj2-g67j High
spring-web 6.0.14 6.0.17 java-archive GHSA-ccgv-vj62-xf9h High
tomcat-embed-core 10.1.16 10.1.19 java-archive GHSA-7w75-32cg-r6g2 Medium
tomcat-embed-websocket 10.1.16 10.1.19 java-archive GHSA-v682-8vv8-vpwr Medium libcrypto3 3.1.4-r5 3.1.4-r6 apk CVE-2024-2511 Unknown
libssl3 3.1.4-r5 3.1.4-r6 apk CVE-2024-2511 Unknown

The spring-boot and junit fixes resolve the first four. The container update fixes the lower two.

Pull Request Checklist

• [ ] 1. I have rebased the latest version of the main branch into my feature branch and all conflicts have been resolved.
• [ ] 2. I have added information about the change/addition to functionality to the CHANGELOG.md file under the [Unreleased] heading.
• [ ] 3. I have documented my code using JDocs tags.
• [ ] 4. I have removed unnecessary commented out code, imports and System.out.println statements.
• [ ] 5. I have written JUnit tests for any new methods/classes and ensured that they pass.
• [ ] 6. I have created API tests for any new functionality exposed to the API.
• [ ] 7. If changes/additions are made to the ors-config.json file, I have added these to the ors config documentation along with a short description of what it is for, and documented this in the Pull Request (below).
• [ ] 8. I have built graphs with my code of the Heidelberg.osm.gz file and run the api-tests with all test passing
• [ ] 9. I have referenced the Issue Number in the Pull Request (if the changes were from an issue).
• [ ] 10. For new features or changes involving building of graphs, I have tested on a larger dataset (at least Germany), and the graphs build without problems (i.e. no out-of-memory errors).
• [ ] 11. For new features or changes involving the graphbuilding process (i.e. changing encoders, updating the importer etc.), I have generated longer distance routes for the affected profiles with different options (avoid features, max weight etc.) and compared these with the routes of the same parameters and start/end points generated from the current live ORS. If there are differences then the reasoning for these MUST be documented in the pull request.
• [ ] 12. I have written in the Pull Request information about the changes made including their intended usage and why the change was needed.
• [ ] 13. For changes touching the API documentation, I have tested that the API playground renders correctly.

Fixes # .

Information about the changes

• Key functionality added:
• Reason for change:

Examples and reasons for differences between live ORS routes, and those generated from this pull request

-

Required changes to ors config (if applicable)

-

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud