In my company, we are using OpenTSDB. Our primary concern right now is to solve the security vulnerabilities in the software which we are using. I have listed down the vulnerable packages below. Please suggest me how to upgrade those packages to the latest version in OpenTSDB?

ch.qos.logback:logback-core
commons-collections:commons-collections
ch.qos.logback:logback-classic
com.fasterxml.jackson.core:jackson-databind
com.google.protobuf:protobuf-java
org.apache.zookeeper:zookeeper
org.apache.httpcomponents:httpclient
net.sourceforge.htmlunit:htmlunit
io.netty:netty
com.google.guava:guava
commons-io:commons-io
commons-codec:commons-codec
junit:junit