Package relationship that prevents package updates to address CVE-2022-29599


I wish to update some packages on Alma in the maven module that address CVE-2022-29599. Unfortunately, there is a package in the pki-deps module that is enforcing a version level restriction.

slf4j-jdk14-1.7.25-4.module_el8.5.0+2577+9e95fe00.noarch prevents slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch from being upgraded to the version that contains the errata fix.

Checking in the maven project, there has been an updated version of slf4j-jdk14 published that is version compatible with the slf4j package. Are there plans to bring this into the Alma Linux distro?

Thank you