Openfire should be updated to include this newer dependency.
Security vulnerabilities that exist in 2.1.3 also exist in 2.1.4, but there is no newer release to resolve these.
Actually, if it doesn’t solve vulnerabilities, the risk probably outweighs the gain.