Address security vulnerbilities

In a recent scan of the Copybara code base, we observed some security vulnerabilities. 

They are mainly around 4 packages
- Apache Tomcat 8.0.5
- Apache HTTP client 4.5.5
- Commons codec 1.11
- Google gson 2.8.5

The recommended solutions for these are to upgrade to a specific version. 