bump logback to close possible vulnerability

pom.xml

@@ -46,7 +46,7 @@
 		<gson.version>2.8.9</gson.version>
 		<zxcvbn.version>1.5.2</zxcvbn.version>
 		<slf4j.version>1.7.32</slf4j.version>
-		<logback.version>1.2.7</logback.version>
+		<logback.version>1.2.8</logback.version>
 
 		<!-- test dependencies -->
 		<junit.jupiter.version>5.8.1</junit.jupiter.version>

src/main/resources/license/THIRD-PARTY.txt

@@ -52,13 +52,13 @@ Cryptomator uses 40 third-party dependencies under the following licenses:
 			- Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:10.0.6 - https://eclipse.org/jetty/jetty-servlet)
 			- Jetty :: Utilities (org.eclipse.jetty:jetty-util:10.0.6 - https://eclipse.org/jetty/jetty-util)
         Eclipse Public License - v 1.0:
-			- Logback Classic Module (ch.qos.logback:logback-classic:1.2.7 - http://logback.qos.ch/logback-classic)
-			- Logback Core Module (ch.qos.logback:logback-core:1.2.7 - http://logback.qos.ch/logback-core)
+			- Logback Classic Module (ch.qos.logback:logback-classic:1.2.8 - http://logback.qos.ch/logback-classic)
+			- Logback Core Module (ch.qos.logback:logback-core:1.2.8 - http://logback.qos.ch/logback-core)
         Eclipse Public License - v 2.0:
 			- jnr-posix (com.github.jnr:jnr-posix:3.1.10 - http://nexus.sonatype.org/oss-repository-hosting.html/jnr-posix)
         GNU Lesser General Public License:
-			- Logback Classic Module (ch.qos.logback:logback-classic:1.2.7 - http://logback.qos.ch/logback-classic)
-			- Logback Core Module (ch.qos.logback:logback-core:1.2.7 - http://logback.qos.ch/logback-core)
+			- Logback Classic Module (ch.qos.logback:logback-classic:1.2.8 - http://logback.qos.ch/logback-classic)
+			- Logback Core Module (ch.qos.logback:logback-core:1.2.8 - http://logback.qos.ch/logback-core)
         GPLv2:
 			- jnr-posix (com.github.jnr:jnr-posix:3.1.10 - http://nexus.sonatype.org/oss-repository-hosting.html/jnr-posix)
         GPLv2+CE: