slipset / deps-deploy

deploy your stuff
Eclipse Public License 1.0

Outdated deps/NVD security issues #46

Closed seancorfield closed 2 years ago

seancorfield commented 2 years ago

In light of the log4j CVE, I've been running NVD checks against my projects and against some things I depend on. It showed quite a few issues in deps-deploy which are mostly (but not completely) mitigated by bumping the dependencies:

diff --git a/deps.edn b/deps.edn
index f131021..824fd12 100644
--- a/deps.edn
+++ b/deps.edn
@@ -1,17 +1,17 @@
 {:paths ["src"]
  :deps {org.clojure/clojure {:mvn/version "RELEASE"}
         clj-commons/pomegranate {:mvn/version "1.2.1"}
-        s3-wagon-private/s3-wagon-private {:mvn/version "1.3.4"}
+        s3-wagon-private/s3-wagon-private {:mvn/version "1.3.5"}
         org.clojure/data.xml {:mvn/version "0.2.0-alpha6"}
-        org.clojure/tools.deps.alpha {:mvn/version "0.12.1036"}
-        org.apache.maven/maven-settings {:mvn/version "3.8.2"}
-        org.apache.maven/maven-settings-builder {:mvn/version "3.8.2"}
+        org.clojure/tools.deps.alpha {:mvn/version "0.12.1090"}
+        org.apache.maven/maven-settings {:mvn/version "3.8.4"}
+        org.apache.maven/maven-settings-builder {:mvn/version "3.8.4"}
         org.slf4j/slf4j-nop {:mvn/version "RELEASE"}
         org.sonatype.plexus/plexus-sec-dispatcher {:mvn/version "1.4"}}

  :aliases {:test {:extra-deps {com.cognitect/test-runner
                                {:git/url "https://github.com/cognitect-labs/test-runner"
-                                :sha "dd6da11611eeb87f08780a30ac8ea6012d4c05ce"}}
+                                :sha "cc75980b43011773162b485f46f939dc5fba91e4"}}
                   :extra-paths ["test"]
                   :exec-fn cognitect.test-runner.api/test}

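Review bot: this hunk still leaves `org.clojure/clojure` and `org.slf4j/slf4j-nop` on the floating `"RELEASE"` version, so what an NVD scan (or a build) resolves depends on the day it runs; pinning both to explicit versions would make the scan result and the fix reproducible. The hunk also leaves `clj-commons/pomegranate 1.2.1`, `org.clojure/data.xml 0.2.0-alpha6` and `org.sonatype.plexus/plexus-sec-dispatcher 1.4` untouched while the description says the findings are only mostly mitigated; listing which of these unchanged coordinates the report still flags would let a maintainer decide whether a bump or an exclusion is needed for the remainder.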
Those were versions that https://github.com/liquidz/antq identified as outdated.