diff options
author | Michael Reece <michaere@amdocs.com> | 2018-09-17 20:06:37 +0100 |
---|---|---|
committer | Michael Reece <michaere@amdocs.com> | 2018-09-17 20:06:37 +0100 |
commit | aa6f9acfc15b8836bc4b50bd6bdfa1b06c49d321 (patch) | |
tree | 7687d0e84a3ea0050e71ed7ba4865e6a27c4948c | |
parent | 6ce2b6004e9c213331fc2337158b17dd9f1a5da3 (diff) |
Fix for NexusIQ security vunerabilities
Update and exclude dependencies causing security vunerabilities
Issue-ID: AAI-1614
Change-Id: I301c270f739e1fa97cb63794f5519bceb086f747
Signed-off-by: Michael Reece <michaere@amdocs.com>
-rw-r--r-- | champ-lib/champ-core/pom.xml | 25 | ||||
-rw-r--r-- | champ-lib/champ-titan/pom.xml | 8 | ||||
-rw-r--r-- | champ-service-deps-janus/pom.xml | 4 | ||||
-rw-r--r-- | champ-service-deps-titan/pom.xml | 8 | ||||
-rw-r--r-- | champ-service/pom.xml | 2 | ||||
-rwxr-xr-x | pom.xml | 2 |
6 files changed, 41 insertions, 8 deletions
diff --git a/champ-lib/champ-core/pom.xml b/champ-lib/champ-core/pom.xml index 4ce3d5f..38318b0 100644 --- a/champ-lib/champ-core/pom.xml +++ b/champ-lib/champ-core/pom.xml @@ -44,11 +44,6 @@ limitations under the License. <groupId>org.onap.aai.event-client</groupId> <artifactId>event-client-dmaap</artifactId> </dependency> - - <dependency> - <groupId>org.onap.aai.event-client</groupId> - <artifactId>event-client-kafka</artifactId> - </dependency> <!-- Event Bus Library - END --> <dependency> @@ -103,6 +98,26 @@ limitations under the License. <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> </exclusion> + <exclusion> + <groupId>org.codehaus.jackson</groupId> + <artifactId>jackson-mapper-asl</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-yarn-common</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-mapreduce-client-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.commons</groupId> + <artifactId>commons-compress</artifactId> + </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-compress</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/champ-lib/champ-titan/pom.xml b/champ-lib/champ-titan/pom.xml index 80ca481..e83ff7c 100644 --- a/champ-lib/champ-titan/pom.xml +++ b/champ-lib/champ-titan/pom.xml @@ -83,6 +83,14 @@ limitations under the License. <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> </exclusion> + <exclusion> + <groupId>org.codehaus.jackson</groupId> + <artifactId>jackson-mapper-asl</artifactId> + </exclusion> + <exclusion> + <groupId>org.mindrot</groupId> + <artifactId>jbcrypt</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/champ-service-deps-janus/pom.xml b/champ-service-deps-janus/pom.xml index 53c513d..92a74f1 100644 --- a/champ-service-deps-janus/pom.xml +++ b/champ-service-deps-janus/pom.xml @@ -191,6 +191,10 @@ limitations under the License. <groupId>net.jpountz.lz4</groupId> <artifactId>lz4</artifactId> </exclusion> + <exclusion> + <groupId>org.codehaus.jackson</groupId> + <artifactId>jackson-mapper-asl</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/champ-service-deps-titan/pom.xml b/champ-service-deps-titan/pom.xml index 0ed7581..35be53e 100644 --- a/champ-service-deps-titan/pom.xml +++ b/champ-service-deps-titan/pom.xml @@ -222,6 +222,14 @@ limitations under the License. <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> </exclusion> + <exclusion> + <groupId>org.codehaus.jackson</groupId> + <artifactId>jackson-mapper-asl</artifactId> + </exclusion> + <exclusion> + <groupId>org.mindrot</groupId> + <artifactId>jbcrypt</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/champ-service/pom.xml b/champ-service/pom.xml index 92d8a36..6a31fb4 100644 --- a/champ-service/pom.xml +++ b/champ-service/pom.xml @@ -39,7 +39,6 @@ limitations under the License. <common.logging.groupid>org.onap.aai.logging-service</common.logging.groupid> <common.logging.version>1.2.2</common.logging.version> - <version.com.google.guava>18.0</version.com.google.guava> <version.org.apache.commons.commons-lang3>3.7</version.org.apache.commons.commons-lang3> <version.org.hamcrest.hamcrest-library>1.3</version.org.hamcrest.hamcrest-library> <version.org.springframework.boot.spring-boot-dependencies>1.5.15.RELEASE</version.org.springframework.boot.spring-boot-dependencies> @@ -123,7 +122,6 @@ limitations under the License. <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>${version.com.google.guava}</version> </dependency> <dependency> @@ -25,7 +25,7 @@ limitations under the License. <parent> <groupId>org.onap.oparent</groupId> <artifactId>oparent</artifactId> - <version>1.1.0</version> + <version>1.2.0</version> </parent> <groupId>org.onap.aai</groupId> |