aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichael Reece <michaere@amdocs.com>2018-09-17 20:06:37 +0100
committerMichael Reece <michaere@amdocs.com>2018-09-17 20:06:37 +0100
commitaa6f9acfc15b8836bc4b50bd6bdfa1b06c49d321 (patch)
tree7687d0e84a3ea0050e71ed7ba4865e6a27c4948c
parent6ce2b6004e9c213331fc2337158b17dd9f1a5da3 (diff)
Fix for NexusIQ security vunerabilities
Update and exclude dependencies causing security vunerabilities Issue-ID: AAI-1614 Change-Id: I301c270f739e1fa97cb63794f5519bceb086f747 Signed-off-by: Michael Reece <michaere@amdocs.com>
-rw-r--r--champ-lib/champ-core/pom.xml25
-rw-r--r--champ-lib/champ-titan/pom.xml8
-rw-r--r--champ-service-deps-janus/pom.xml4
-rw-r--r--champ-service-deps-titan/pom.xml8
-rw-r--r--champ-service/pom.xml2
-rwxr-xr-xpom.xml2
6 files changed, 41 insertions, 8 deletions
diff --git a/champ-lib/champ-core/pom.xml b/champ-lib/champ-core/pom.xml
index 4ce3d5f..38318b0 100644
--- a/champ-lib/champ-core/pom.xml
+++ b/champ-lib/champ-core/pom.xml
@@ -44,11 +44,6 @@ limitations under the License.
<groupId>org.onap.aai.event-client</groupId>
<artifactId>event-client-dmaap</artifactId>
</dependency>
-
- <dependency>
- <groupId>org.onap.aai.event-client</groupId>
- <artifactId>event-client-kafka</artifactId>
- </dependency>
<!-- Event Bus Library - END -->
<dependency>
@@ -103,6 +98,26 @@ limitations under the License.
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-yarn-common</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-mapreduce-client-core</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-compress</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-compress</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/champ-lib/champ-titan/pom.xml b/champ-lib/champ-titan/pom.xml
index 80ca481..e83ff7c 100644
--- a/champ-lib/champ-titan/pom.xml
+++ b/champ-lib/champ-titan/pom.xml
@@ -83,6 +83,14 @@ limitations under the License.
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.mindrot</groupId>
+ <artifactId>jbcrypt</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/champ-service-deps-janus/pom.xml b/champ-service-deps-janus/pom.xml
index 53c513d..92a74f1 100644
--- a/champ-service-deps-janus/pom.xml
+++ b/champ-service-deps-janus/pom.xml
@@ -191,6 +191,10 @@ limitations under the License.
<groupId>net.jpountz.lz4</groupId>
<artifactId>lz4</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/champ-service-deps-titan/pom.xml b/champ-service-deps-titan/pom.xml
index 0ed7581..35be53e 100644
--- a/champ-service-deps-titan/pom.xml
+++ b/champ-service-deps-titan/pom.xml
@@ -222,6 +222,14 @@ limitations under the License.
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.codehaus.jackson</groupId>
+ <artifactId>jackson-mapper-asl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.mindrot</groupId>
+ <artifactId>jbcrypt</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/champ-service/pom.xml b/champ-service/pom.xml
index 92d8a36..6a31fb4 100644
--- a/champ-service/pom.xml
+++ b/champ-service/pom.xml
@@ -39,7 +39,6 @@ limitations under the License.
<common.logging.groupid>org.onap.aai.logging-service</common.logging.groupid>
<common.logging.version>1.2.2</common.logging.version>
- <version.com.google.guava>18.0</version.com.google.guava>
<version.org.apache.commons.commons-lang3>3.7</version.org.apache.commons.commons-lang3>
<version.org.hamcrest.hamcrest-library>1.3</version.org.hamcrest.hamcrest-library>
<version.org.springframework.boot.spring-boot-dependencies>1.5.15.RELEASE</version.org.springframework.boot.spring-boot-dependencies>
@@ -123,7 +122,6 @@ limitations under the License.
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>${version.com.google.guava}</version>
</dependency>
<dependency>
diff --git a/pom.xml b/pom.xml
index 0cb6c58..aa31861 100755
--- a/pom.xml
+++ b/pom.xml
@@ -25,7 +25,7 @@ limitations under the License.
<parent>
<groupId>org.onap.oparent</groupId>
<artifactId>oparent</artifactId>
- <version>1.1.0</version>
+ <version>1.2.0</version>
</parent>
<groupId>org.onap.aai</groupId>