- update jaxb to allow java 9+ to suppress illegal reflection access - update junit to 4.13.1 - use quartz v.2.3.2 due to CVE-2019-13990 - update yaafi-crypto/pom.xml to use testcontainer snapshot dependency