bump springboot etc and sqliteJdbcVersion for CVEs (#1055)

* bump springboot etc for tomcat CVE-2025-31650

* bump sqliteJdbcVersion for CVE-2025-29087

Author: labkey-willm

gradle.properties

@@ -99,7 +99,7 @@ apacheDirectoryVersion=2.1.7
 apacheMinaVersion=2.2.4
 
 # Usually matches the version specified as a Spring Boot dependency (see springBootVersion below)
-apacheTomcatVersion=10.1.39
+apacheTomcatVersion=10.1.40
 
 # (mothership) -> json-path -> json-smart -> accessor-smart
 # (core) -> graalvm
@@ -289,11 +289,11 @@ slf4jLog4jApiVersion=2.0.16
 snappyJavaVersion=1.1.10.7
 
 # Also, update apacheTomcatVersion above to match Spring Boot's Tomcat dependency version
-springBootVersion=3.4.1
+springBootVersion=3.4.5
 # This usually matches the Spring Framework version dictated by springBootVersion
-springVersion=6.2.1
+springVersion=6.2.6
 
-sqliteJdbcVersion=3.48.0.0
+sqliteJdbcVersion=3.49.1.0
 
 # NLP and SAML bring stax2-api in as a transitive dependency but with very different versions. We force the later version.
 stax2ApiVersion=4.2.2