Address critical vulnerability for Mapper

added Recommended version and readme file correction

Change-Id: I675637ef0d0b1515e0d7783abb94c120ffb029a2
Issue-ID: DCAEGEN2-871
Signed-off-by: amshegokar <AS00500801@techmahindra.com>

4 files changed, 11 insertions, 8 deletions

diff --git a/UniversalVesAdapter/README.md b/UniversalVesAdapter/README.md
index 33d41c8..60b1503 100644
--- a/UniversalVesAdapter/README.md
+++ b/UniversalVesAdapter/README.md
@@ -72,8 +72,6 @@ General flow goes like this
 - Here entry point will be depending on the deployment type, Getting configuration from docker env var or from CBS
   configures a bunch of things and starts the application in a separate process
 
-### Release images
-For R1 - image/version  pushed to nexus3 
 
 ```
 nexus3.onap.org:10003/snapshots/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor latest
@@ -95,7 +93,7 @@ STEPS FOR SETUP/TEST
 		
  sudo docker run -d -p 8085:8085/tcp -e URL_JDBC=jdbc:postgresql://10.53.172.138:5432/postgres -e JDBC_USERNAME=postgres -e JDBC_PASSWORD=root -e DMAAPHOST=10.53.172.156 -e CONSUL_HOST=10.53.172.109 -e HOSTNAME=static-dcaegen2-services-mua -e MR_DEFAULT_PORT_NUMBER=3904 -e CONFIG_BINDING_SERVICE=config_binding_service nexus3.onap.org:10003/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:latest
 
-3)	Go inside container and tail /opt/app/VESCollector/logs/vesadaper.log
+3)	Go inside container and tail /opt/app/VESAdapter/logs/vesadaper.log
 4)	Post SNMP event JSON to DMaaP Topic ONAP-COLLECTOR-SNMPTRAP  
 5) Subscribe to DMaaP topic unauthenticated.SEC_FAULT_OUTPUT you will get process VES JSON to this topic.		 
 ```
diff --git a/UniversalVesAdapter/pom.xml b/UniversalVesAdapter/pom.xml
index 8bb683d..cff2fd0 100644
--- a/UniversalVesAdapter/pom.xml
+++ b/UniversalVesAdapter/pom.xml
@@ -86,9 +86,18 @@
 					<groupId>javax.servlet</groupId>
 					<artifactId>servlet-api</artifactId>
 				</exclusion>
+				<exclusion>
+					<groupId>ognl</groupId>
+					<artifactId>ognl</artifactId>
+				</exclusion>
 			</exclusions>
 		</dependency>
 		<dependency>
+			<groupId>ognl</groupId>
+			<artifactId>ognl</artifactId>
+			<version>3.1.12</version>
+		</dependency>
+		<dependency>
 			<groupId>org.onap.dmaap.messagerouter.dmaapclient</groupId>
 			<artifactId>dmaapClient</artifactId>
 			<version>1.1.3</version>
diff --git a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java
index 82cee66..a91e5c6 100644
--- a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java
+++ b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java
@@ -232,7 +232,7 @@ public class VESAdapterInitializer implements CommandLineRunner, Ordered {
 		 
                try (Connection con = DriverManager.getConnection(dBurl, user, pwd)) {
                      LOGGER.info("Postgresql Connection successful...");
-                     LOGGER.debug("1Connection object:"+con.toString());
+                     LOGGER.debug("Connection object:"+con.toString());
               //creating table if not exist
              PreparedStatement pstmt11=con.prepareStatement("CREATE TABLE IF NOT EXISTS public."+MappingFileTableName+"\r\n" + 
                      "(\r\n" + 
diff --git a/snmpmapper/README.md b/snmpmapper/README.md
index f5ab564..584f8a5 100644
--- a/snmpmapper/README.md
+++ b/snmpmapper/README.md
@@ -60,9 +60,5 @@ Dockerfile  bin  lib  logs
 - lib contains all libraries that are pulled into the app during maven build
 - logs contains application logs
 
-
-### Release images
-For R1 - image/version  pushed to nexus3 
-
 ```nexus3.onap.org:10003/snapshots/onap/org.onap.dcaegen2.services.mapper.vesadapter.snmpmapper:latest
 ```