From aa6f9acfc15b8836bc4b50bd6bdfa1b06c49d321 Mon Sep 17 00:00:00 2001
From: Michael Reece <michaere@amdocs.com>
Date: Mon, 17 Sep 2018 20:06:37 +0100
Subject: Fix for NexusIQ security vunerabilities

Update and exclude dependencies causing security vunerabilities

Issue-ID: AAI-1614

Change-Id: I301c270f739e1fa97cb63794f5519bceb086f747
Signed-off-by: Michael Reece <michaere@amdocs.com>
---
 champ-lib/champ-core/pom.xml | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

(limited to 'champ-lib/champ-core')

diff --git a/champ-lib/champ-core/pom.xml b/champ-lib/champ-core/pom.xml
index 4ce3d5f..38318b0 100644
--- a/champ-lib/champ-core/pom.xml
+++ b/champ-lib/champ-core/pom.xml
@@ -44,11 +44,6 @@ limitations under the License.
             <groupId>org.onap.aai.event-client</groupId>
             <artifactId>event-client-dmaap</artifactId>
         </dependency>
-
-        <dependency>
-            <groupId>org.onap.aai.event-client</groupId>
-            <artifactId>event-client-kafka</artifactId>
-        </dependency>
         <!-- Event Bus Library - END -->
 
         <dependency>
@@ -103,6 +98,26 @@ limitations under the License.
                     <groupId>com.google.guava</groupId>
                     <artifactId>guava</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.codehaus.jackson</groupId>
+                    <artifactId>jackson-mapper-asl</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.hadoop</groupId>
+                    <artifactId>hadoop-yarn-common</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.hadoop</groupId>
+                    <artifactId>hadoop-mapreduce-client-core</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.apache.commons</groupId>
+                    <artifactId>commons-compress</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-httpclient</groupId>
+                    <artifactId>commons-compress</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
-- 
cgit 1.2.3-korg