From a9452f9f6c91d5a3f37a89f24ff3214286bf6515 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 3 Feb 2026 23:44:18 +0000
Subject: [PATCH] fix: todolist-goof/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751
- https://dev.snyk.io/vuln/SNYK-JAVA-DOM4J-174153
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGHIBERNATE-1041788
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGHIBERNATE-584563
- https://dev.snyk.io/vuln/SNYK-JAVA-DOM4J-2812975
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2689634
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2434828
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-31325
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2329097
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2330878
---
 todolist-goof/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/todolist-goof/pom.xml b/todolist-goof/pom.xml
index 4df79d1b1b..181ea50498 100644
--- a/todolist-goof/pom.xml
+++ b/todolist-goof/pom.xml
@@ -10,8 +10,8 @@
     <url>https://github.com/snyk/java-goof</url>
 
     <properties>
-        <spring.version>3.2.6.RELEASE</spring.version>
-        <hibernate.version>4.3.7.Final</hibernate.version>
+        <spring.version>5.2.22.RELEASE</spring.version>
+        <hibernate.version>5.4.24.Final</hibernate.version>
         <tapestry.version>5.3.8</tapestry.version>
         <struts2.version>2.3.20</struts2.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>