From bffa7655e2fbd73a3975b650a9ec955c8a9d7d2f Mon Sep 17 00:00:00 2001 From: Frank Kimmlingen Date: Tue, 16 Jan 2024 16:30:56 +0100 Subject: reduce CDS java security vulnerabilities upgrade to spring-boot 2.7.18 (Last spring-boot 2.x version) upgrade the additional versions inside the cds Issue-ID: CCSDK-3981 Signed-off-by: Frank Kimmlingen Change-Id: I239fbdb8b6f58095d805399c6f9ed3af6e7b42fe --- .../test-blueprint-kotlin-parent/pom.xml | 6 +++--- ms/blueprintsprocessor/application/pom.xml | 2 +- .../netconf/executor/core/NetconfSessionImpl.kt | 6 +++--- .../netconf/executor/core/NetconfSessionImplTest.kt | 10 +++++----- .../service/ResourceAssignmentValidationService.kt | 2 +- .../dict/utils/BulkResourceSequencingUtils.kt | 2 +- .../resource/dict/utils/ResourceDictionaryUtils.kt | 2 +- .../ssh/service/echoShell/EchoShellFactory.kt | 12 +++++++++--- .../api/handler/ResourceDictionaryHandler.kt | 2 +- .../api/service/ApplicationRegistrationService.kt | 2 +- ms/blueprintsprocessor/parent/pom.xml | 20 +++++++++++--------- ms/sdclistener/parent/pom.xml | 8 ++++---- pom.xml | 6 +++--- 13 files changed, 44 insertions(+), 36 deletions(-) diff --git a/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml b/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml index df8b1c205..74d89bdf2 100644 --- a/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml +++ b/components/model-catalog/blueprint-model/test-blueprint-kotlin-parent/pom.xml @@ -81,7 +81,7 @@ junit junit - 4.12 + 4.13.1 test @@ -93,7 +93,7 @@ com.squareup.okhttp3 okhttp - 4.9.3 + 4.10.0 @@ -289,7 +289,7 @@ com.squareup.okhttp3 okhttp - 3.14.0 + 4.10.0 commons-io diff --git a/ms/blueprintsprocessor/application/pom.xml b/ms/blueprintsprocessor/application/pom.xml index f4250ed54..1feed00ff 100755 --- a/ms/blueprintsprocessor/application/pom.xml +++ b/ms/blueprintsprocessor/application/pom.xml 
@@ -189,7 +189,7 @@ com.github.tomakehurst wiremock-jre8 - 2.25.0 + 2.35.1 test diff --git a/ms/blueprintsprocessor/functions/netconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImpl.kt b/ms/blueprintsprocessor/functions/netconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImpl.kt index 7aefbb0d6..31d90fdcb 100644 --- a/ms/blueprintsprocessor/functions/netconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImpl.kt +++ b/ms/blueprintsprocessor/functions/netconf-executor/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImpl.kt @@ -21,7 +21,7 @@ import com.google.common.collect.ImmutableSet import org.apache.sshd.client.SshClient import org.apache.sshd.client.channel.ClientChannel import org.apache.sshd.client.session.ClientSession -import org.apache.sshd.common.FactoryManager +import org.apache.sshd.core.CoreModuleProperties import org.onap.ccsdk.cds.blueprintsprocessor.functions.netconf.executor.api.DeviceInfo import org.onap.ccsdk.cds.blueprintsprocessor.functions.netconf.executor.api.NetconfException import org.onap.ccsdk.cds.blueprintsprocessor.functions.netconf.executor.api.NetconfRpcService 
@@ -204,8 +204,8 @@ class NetconfSessionImpl(private val deviceInfo: DeviceInfo, private val rpcServ
 private fun startClient() {
 setupNewSSHClient()
- client.properties.putIfAbsent(FactoryManager.IDLE_TIMEOUT, TimeUnit.SECONDS.toMillis(idleTimeout.toLong()))
- client.properties.putIfAbsent(FactoryManager.NIO2_READ_TIMEOUT, TimeUnit.SECONDS.toMillis(idleTimeout + 15L))
+ client.properties.putIfAbsent(CoreModuleProperties.IDLE_TIMEOUT.name, TimeUnit.SECONDS.toMillis(idleTimeout.toLong()))
+ client.properties.putIfAbsent(CoreModuleProperties.NIO2_READ_TIMEOUT.name, TimeUnit.SECONDS.toMillis(idleTimeout + 15L))
 client.start()
 startSession()
diff --git a/ms/blueprintsprocessor/functions/netconf-executor/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImplTest.kt b/ms/blueprintsprocessor/functions/netconf-executor/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImplTest.kt
index 41e4f8290..22c68f182 100644
--- a/ms/blueprintsprocessor/functions/netconf-executor/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImplTest.kt
+++ b/ms/blueprintsprocessor/functions/netconf-executor/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/functions/netconf/executor/core/NetconfSessionImplTest.kt
@@ -30,7 +30,7 @@ import org.apache.sshd.client.future.DefaultAuthFuture
 import org.apache.sshd.client.future.DefaultConnectFuture
 import org.apache.sshd.client.future.DefaultOpenFuture
 import org.apache.sshd.client.session.ClientSession
-import org.apache.sshd.common.FactoryManager
+import org.apache.sshd.core.CoreModuleProperties
 import org.junit.Before
 import org.junit.Test
 import org.onap.ccsdk.cds.blueprintsprocessor.functions.netconf.executor.api.DeviceInfo
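Review bot: In `startClient()` the two timeouts are still written into the raw `client.properties` map as millisecond `Long` values, now keyed by `CoreModuleProperties.IDLE_TIMEOUT.name` and `CoreModuleProperties.NIO2_READ_TIMEOUT.name`; that only takes effect if the library's typed property converts a stored `Long` back into its own value type, which this hunk does not show. The typed accessor would make the unit explicit, e.g. `CoreModuleProperties.IDLE_TIMEOUT.set(client, Duration.ofSeconds(idleTimeout.toLong()))`, with the caveat that `set` overwrites where `putIfAbsent` did not, so a presence check has to stay if callers may pre-set these values. These settings bound how long an idle NETCONF SSH session to a device is kept open, so a key or type mismatch would silently fall back to the library defaults. The rest of `startClient()` lies outside the hunk.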
@@ -385,8 +385,8 @@ class NetconfSessionImplTest {
 netconfSessionSpy.setClient(mockSshClient)
 netconfSessionSpy.connect()
 verify { mockSshClient.start() }
- assertTrue { propertiesMap.containsKey(FactoryManager.IDLE_TIMEOUT) }
- assertTrue { propertiesMap.containsKey(FactoryManager.NIO2_READ_TIMEOUT) }
+ assertTrue { propertiesMap.containsKey(CoreModuleProperties.IDLE_TIMEOUT.name) }
+ assertTrue { propertiesMap.containsKey(CoreModuleProperties.NIO2_READ_TIMEOUT.name) }
 }
 @Test
@@ -429,7 +429,7 @@ class NetconfSessionImplTest {
 val succeededSessionFuture = DefaultConnectFuture(Any(), Any())
 succeededSessionFuture.value = mockClientSession
 every { mockSshClient.connect(deviceInfo.username, deviceInfo.ipAddress, deviceInfo.port) } returns succeededSessionFuture
- every { mockClientSession.waitFor(any(), any()) } returns
+ every { mockClientSession.waitFor(any(), any()) } returns
 setOf(ClientSession.ClientSessionEvent.WAIT_AUTH, ClientSession.ClientSessionEvent.CLOSED)
 val netconfSessionSpy = spyk(netconfSession, recordPrivateCalls = true)
 every { netconfSessionSpy["setupNewSSHClient"]() as Unit } just Runs
@@ -451,7 +451,7 @@ class NetconfSessionImplTest {
 val succeededSessionFuture = DefaultConnectFuture(Any(), Any())
 succeededSessionFuture.value = mockClientSession
 every { mockSshClient.connect(deviceInfo.username, deviceInfo.ipAddress, deviceInfo.port) } returns succeededSessionFuture
- every { mockClientSession.waitFor(any(), any()) } returns
+ every { mockClientSession.waitFor(any(), any()) } returns
 setOf(
 ClientSession.ClientSessionEvent.WAIT_AUTH,
 ClientSession.ClientSessionEvent.CLOSED,
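Review bot: The updated assertions in the first hunk (-385) only check that the two keys exist in `propertiesMap`, so the test would still pass if the value stored under the new property names had the wrong type or unit for the upgraded SSH library. Pinning the value as well would catch that, for example `assertEquals(expectedIdleMillis, propertiesMap[CoreModuleProperties.IDLE_TIMEOUT.name])`, where `expectedIdleMillis` is a placeholder for the millisecond value the session is configured with. A matching assertion for `NIO2_READ_TIMEOUT` would cover the second timeout. The test function itself starts before the hunk.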
diff --git a/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/service/ResourceAssignmentValidationService.kt b/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/service/ResourceAssignmentValidationService.kt index b97492dc8..b0e0d70b3 100644 --- a/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/service/ResourceAssignmentValidationService.kt +++ b/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/service/ResourceAssignmentValidationService.kt @@ -17,7 +17,7 @@ package org.onap.ccsdk.cds.controllerblueprints.resource.dict.service -import org.apache.commons.collections.CollectionUtils +import org.apache.commons.collections4.CollectionUtils import org.apache.commons.lang3.StringUtils import org.apache.commons.lang3.text.StrBuilder import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintException diff --git a/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/BulkResourceSequencingUtils.kt b/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/BulkResourceSequencingUtils.kt index 5117c4388..c2ad4de85 100644 --- a/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/BulkResourceSequencingUtils.kt +++ b/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/BulkResourceSequencingUtils.kt 
@@ -16,7 +16,7 @@ package org.onap.ccsdk.cds.controllerblueprints.resource.dict.utils -import org.apache.commons.collections.CollectionUtils +import org.apache.commons.collections4.CollectionUtils import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintProcessorException import org.onap.ccsdk.cds.controllerblueprints.core.asListOfString import org.onap.ccsdk.cds.controllerblueprints.core.utils.TopologicalSortingUtils diff --git a/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/ResourceDictionaryUtils.kt b/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/ResourceDictionaryUtils.kt index c09474a2b..d6a5f7f82 100644 --- a/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/ResourceDictionaryUtils.kt +++ b/ms/blueprintsprocessor/modules/blueprints/resource-dict/src/main/kotlin/org/onap/ccsdk/cds/controllerblueprints/resource/dict/utils/ResourceDictionaryUtils.kt @@ -18,7 +18,7 @@ package org.onap.ccsdk.cds.controllerblueprints.resource.dict.utils import com.fasterxml.jackson.databind.JsonNode import com.fasterxml.jackson.databind.node.NullNode -import org.apache.commons.collections.MapUtils +import org.apache.commons.collections4.MapUtils import org.apache.commons.lang3.StringUtils import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintConstants import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintProcessorException diff --git a/ms/blueprintsprocessor/modules/commons/ssh-lib/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/ssh/service/echoShell/EchoShellFactory.kt b/ms/blueprintsprocessor/modules/commons/ssh-lib/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/ssh/service/echoShell/EchoShellFactory.kt index 6e9d1968f..41cf607ee 100644 
--- a/ms/blueprintsprocessor/modules/commons/ssh-lib/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/ssh/service/echoShell/EchoShellFactory.kt +++ b/ms/blueprintsprocessor/modules/commons/ssh-lib/src/test/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/ssh/service/echoShell/EchoShellFactory.kt @@ -19,7 +19,9 @@ package org.onap.ccsdk.cds.blueprintsprocessor.ssh.service.echoShell import org.apache.sshd.common.Factory import org.apache.sshd.server.Environment import org.apache.sshd.server.ExitCallback +import org.apache.sshd.server.channel.ChannelSession import org.apache.sshd.server.command.Command +import org.apache.sshd.server.shell.ShellFactory import java.io.BufferedReader import java.io.IOException import java.io.InputStream @@ -27,12 +29,16 @@ import java.io.InputStreamReader import java.io.InterruptedIOException import java.io.OutputStream -class EchoShellFactory : Factory { +class EchoShellFactory : Factory, ShellFactory { override fun create(): Command { return EchoShell() } + override fun createShell(channel: ChannelSession?): Command { + return EchoShell() + } + companion object { val INSTANCE = EchoShellFactory() @@ -69,14 +75,14 @@ class EchoShell : Command, Runnable { } @Throws(IOException::class) - override fun start(env: Environment) { + override fun start(channel: ChannelSession?, env: Environment?) { environment = env thread = Thread(this, "EchoShell") thread!!.isDaemon = true thread!!.start() } - override fun destroy() { + override fun destroy(channel: ChannelSession?) { thread!!.interrupt() } diff --git a/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/handler/ResourceDictionaryHandler.kt b/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/handler/ResourceDictionaryHandler.kt index 0af1e1586..066d34664 100644 
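Review bot: In the third hunk (-69), `destroy(channel: ChannelSession?)` still dereferences `thread!!`, so a shell that is torn down before `start(...)` has run throws a NullPointerException during channel cleanup; `thread?.interrupt()` avoids that. In the same hunk `env` is now `Environment?` and is assigned to `environment` unchecked, so the declaration of `environment` (outside the hunk) has to accept null. In the second hunk (-27) `EchoShellFactory` ends up with two identical factory methods; `create()` could simply `return createShell(null)` so the two cannot drift apart. Both class bodies continue outside the hunks.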
--- a/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/handler/ResourceDictionaryHandler.kt +++ b/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/handler/ResourceDictionaryHandler.kt @@ -18,7 +18,7 @@ package org.onap.ccsdk.cds.blueprintsprocessor.designer.api.handler import com.google.common.base.Preconditions -import org.apache.commons.collections.CollectionUtils +import org.apache.commons.collections4.CollectionUtils import org.apache.commons.lang3.StringUtils import org.onap.ccsdk.cds.blueprintsprocessor.designer.api.DesignerApiDomains import org.onap.ccsdk.cds.blueprintsprocessor.designer.api.domain.ResourceDictionary diff --git a/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/service/ApplicationRegistrationService.kt b/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/service/ApplicationRegistrationService.kt index db2e06eb5..59a80cc02 100644 --- a/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/service/ApplicationRegistrationService.kt +++ b/ms/blueprintsprocessor/modules/inbounds/designer-api/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/designer/api/service/ApplicationRegistrationService.kt @@ -16,7 +16,7 @@ package org.onap.ccsdk.cds.blueprintsprocessor.designer.api.service -import org.apache.commons.collections.CollectionUtils +import org.apache.commons.collections4.CollectionUtils import org.onap.ccsdk.cds.controllerblueprints.resource.dict.factory.ResourceSourceMappingFactory import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Value diff --git a/ms/blueprintsprocessor/parent/pom.xml b/ms/blueprintsprocessor/parent/pom.xml index 8e29e06bb..3a888ab35 100755 
--- a/ms/blueprintsprocessor/parent/pom.xml +++ b/ms/blueprintsprocessor/parent/pom.xml @@ -40,22 +40,22 @@ 1.4.197 1.7.4 - 5.5.1 + 5.13.0 2.8.0 2.6.3 - 2.2.0 + 2.10.0 0.1.55 0.1.8 2.7.2 2.7.0 - 27.0.1-jre + 33.0.0-jre 1.9 - 2.4.6 + 2.4.9 2.8.0 1.21 - 3.2.2 + 4.4 @@ -89,8 +89,8 @@ - commons-collections - commons-collections + org.apache.commons + commons-collections4 ${commons-collections-version} @@ -565,8 +565,9 @@ commons-lang3 - commons-collections - commons-collections + org.apache.commons + commons-collections4 + ${commons-collections-version} commons-io @@ -658,6 +659,7 @@ com.google.protobuf protobuf-java + ${protobuff.java.utils.version} com.google.protobuf diff --git a/ms/sdclistener/parent/pom.xml b/ms/sdclistener/parent/pom.xml index 973d05eea..f0abd1f5e 100755 --- a/ms/sdclistener/parent/pom.xml +++ b/ms/sdclistener/parent/pom.xml @@ -33,7 +33,7 @@ 1.0.0 - 27.0.1-jre + 33.0.0-jre 1.2.2 1.7.4 1.12.8 @@ -63,9 +63,9 @@ 3.2.1 - commons-collections - commons-collections - 3.2.2 + org.apache.commons + commons-collections4 + 4.4 commons-io diff --git a/pom.xml b/pom.xml index 847e12454..bc2bca499 100644 --- a/pom.xml +++ b/pom.xml @@ -21,7 +21,7 @@ limitations under the License. org.onap.ccsdk.parent - spring-boot-26-starter-parent + spring-boot-27-starter-parent 2.6.1 @@ -76,7 +76,7 @@ limitations under the License. 1.5.2 ${project.version} - 1.6.21 + 1.7.0 1.6.21 1.6.4 1.11.0 @@ -85,7 +85,7 @@ limitations under the License. 1.29.0 2.0.50.Final 3.10.0 - 3.10.0 + 3.16.3 1.12.8 -- cgit 1.2.3-korg
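Review bot: Replacing the managed `commons-collections` entry with `org.apache.commons` / `commons-collections4` (hunks -89 and -565 here, and the matching hunk in ms/sdclistener/parent/pom.xml) removes the project's own declaration of the 3.x artifact but does not stop it from arriving transitively through other dependencies. The two artifacts use different package names, so both can sit on the classpath and the old jar may still be shipped. It is worth confirming with `mvn dependency:tree -Dincludes=commons-collections` and, if it still shows up, adding an exclusion or a maven-enforcer `bannedDependencies` rule. The property referenced as `${commons-collections-version}` appears to keep its name while now holding a 4.x version, which deserves a short comment next to it.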