From 4354a9506832b044f14b6040ed8d56fa640587d5 Mon Sep 17 00:00:00 2001
From: maximthomas <maxim.thomas@gmail.com>
Date: Wed, 10 Dec 2025 11:27:39 +0300
Subject: [PATCH] CVE-2025-25247: Apache Felix Webconsole: XSS in services
 console

---
 commons/launcher/launcher-zip/pom.xml | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/commons/launcher/launcher-zip/pom.xml b/commons/launcher/launcher-zip/pom.xml
index 4966b4a53..43f5b0c4e 100644
--- a/commons/launcher/launcher-zip/pom.xml
+++ b/commons/launcher/launcher-zip/pom.xml
@@ -21,6 +21,8 @@
  with the fields enclosed by brackets [] replaced by
  your own identifying information:
  "Portions Copyrighted [year] [name of copyright owner]"
+
+ Portions Copyrighted 2020-2025 3A Systems LLC.
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
     <modelVersion>4.0.0</modelVersion>
@@ -58,32 +60,32 @@
                 <dependency>
                     <groupId>org.apache.felix</groupId>
                     <artifactId>org.apache.felix.webconsole</artifactId>
-                    <version>4.0.0</version>
+                    <version>5.0.18</version>
                 </dependency>
                 <dependency>
                     <groupId>org.apache.felix</groupId>
                     <artifactId>org.apache.felix.webconsole.plugins.ds</artifactId>
-                    <version>1.0.0</version>
+                    <version>2.1.0</version>
                 </dependency>
                 <dependency>
                     <groupId>org.apache.felix</groupId>
                     <artifactId>org.apache.felix.scr</artifactId>
-                    <version>1.6.2</version>
+                    <version>2.1.20</version>
                 </dependency>
                 <dependency>
                     <groupId>org.apache.felix</groupId>
                     <artifactId>org.apache.felix.configadmin</artifactId>
-                    <version>1.6.0</version>
+                    <version>1.9.26</version>
                 </dependency>
                 <dependency>
                     <groupId>org.apache.felix</groupId>
                     <artifactId>org.apache.felix.fileinstall</artifactId>
-                    <version>3.2.6</version>
+                    <version>3.6.4</version>
                 </dependency>
                 <dependency>
                     <groupId>org.apache.felix</groupId>
                     <artifactId>org.apache.felix.metatype</artifactId>
-                    <version>1.0.6</version>
+                    <version>1.1.2</version>
                 </dependency>
                 <dependency>
                     <groupId>org.apache.felix</groupId>