diff options
author | Taka Cho <tc012c@att.com> | 2018-08-19 20:46:00 -0400 |
---|---|---|
committer | Taka Cho <tc012c@att.com> | 2018-08-19 20:52:03 -0400 |
commit | 8678a53099f255c1c9a12da4f156d97f87b0ac59 (patch) | |
tree | afbf439987ac9d1debfff54b5404f7acda628c1d | |
parent | 58296da28e654d53f0d48f67bcb61187a2b603d3 (diff) |
fixing common-collection 3.2.1 security issue
changed pom.xml and features.xml to keep common-collection to 3.2.2
Change-Id: I3ccd44d61f2e58edae9de6d7042cdb752bbd73cb
Issue-ID: APPC-1018
Signed-off-by: Taka Cho <tc012c@att.com>
9 files changed, 24 insertions, 9 deletions
diff --git a/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml b/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml index 5bbdf69cc..7b7d4d3e8 100644 --- a/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml +++ b/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml @@ -43,6 +43,10 @@ limitations under the License. <type>xml</type> <classifier>features</classifier> </dependency> - + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>1.60</version> + </dependency> </dependencies> </project> diff --git a/appc-config/appc-config-params/features/src/main/resources/features.xml b/appc-config/appc-config-params/features/src/main/resources/features.xml index 0e817c3b4..757a1fc99 100644 --- a/appc-config/appc-config-params/features/src/main/resources/features.xml +++ b/appc-config/appc-config-params/features/src/main/resources/features.xml @@ -36,7 +36,7 @@ <feature>ccsdk-sli</feature> <bundle>mvn:commons-lang/commons-lang/2.6</bundle> - <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle> + <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle> <!-- <bundle>wrap:mvn:org.onap.appc/appc-yang-generator/${project.version}</bundle> --> <bundle>wrap:mvn:org.openecomp.sdc.common/openecomp-tosca-datatype/${tosca.datatype.version}</bundle> diff --git a/appc-config/appc-encryption-tool/features/src/main/resources/features.xml b/appc-config/appc-encryption-tool/features/src/main/resources/features.xml index b465669a2..a88ef3e26 100644 --- a/appc-config/appc-encryption-tool/features/src/main/resources/features.xml +++ b/appc-config/appc-encryption-tool/features/src/main/resources/features.xml @@ -37,7 +37,7 @@ <bundle>mvn:commons-lang/commons-lang/2.6</bundle> <bundle>mvn:org.apache.velocity/velocity/${velocity.version}</bundle> - <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle> + <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle> <bundle>mvn:org.onap.appc/appc-config-encryption-tool-provider/${project.version}</bundle> </feature> </features> diff --git a/appc-config/appc-flow-controller/features/src/main/resources/features.xml b/appc-config/appc-flow-controller/features/src/main/resources/features.xml index 2ab6ba248..424abd854 100644 --- a/appc-config/appc-flow-controller/features/src/main/resources/features.xml +++ b/appc-config/appc-flow-controller/features/src/main/resources/features.xml @@ -33,7 +33,7 @@ <feature>ccsdk-sli</feature> <bundle>mvn:commons-lang/commons-lang/2.6</bundle> - <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle> + <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle> <bundle>mvn:org.onap.appc/appc-config-flow-controller-provider/${project.version}</bundle> </feature> diff --git a/appc-config/pom.xml b/appc-config/pom.xml index a70a35536..0c8165c29 100644 --- a/appc-config/pom.xml +++ b/appc-config/pom.xml @@ -38,7 +38,7 @@ <snakeyaml.version>1.12</snakeyaml.version> <velocity.version>1.7</velocity.version> <jettison.version>1.3.7</jettison.version> - <common.collections.version>3.2.1</common.collections.version> + <common.collections.version>3.2.2</common.collections.version> <common.io.version>2.5</common.io.version> <tosca.datatype.version>1.1.0</tosca.datatype.version> diff --git a/appc-outbound/appc-aai-client/features/src/main/resources/features.xml b/appc-outbound/appc-aai-client/features/src/main/resources/features.xml index 1043da21c..6a8826dc6 100644 --- a/appc-outbound/appc-aai-client/features/src/main/resources/features.xml +++ b/appc-outbound/appc-aai-client/features/src/main/resources/features.xml @@ -39,7 +39,7 @@ <feature>ccsdk-aai-service</feature> <bundle>mvn:commons-lang/commons-lang/2.6</bundle> <!-- <bundle>mvn:org.apache.velocity/velocity/${velocity.version}</bundle> --> - <bundle>mvn:commons-collections/commons-collections/3.2.1</bundle> + <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle> <bundle>mvn:org.onap.appc/appc-aai-client-provider/${project.version}</bundle> </feature> </features> diff --git a/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml b/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml index 276a275a2..0effc0d4c 100644 --- a/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml +++ b/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml @@ -36,7 +36,7 @@ <feature>ccsdk-sli</feature> <bundle>mvn:commons-lang/commons-lang/2.6</bundle> - <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle> + <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle> <bundle>wrap:mvn:com.att.eelf/eelf-core/${eelf.version}</bundle> <bundle>mvn:com.sun.jersey/jersey-client/1.17</bundle> <bundle>mvn:ch.qos.logback/logback-core/${logback.version}</bundle> diff --git a/appc-parent/single-feature-parent/pom.xml b/appc-parent/single-feature-parent/pom.xml index fb3a344d2..ee2c582fd 100644 --- a/appc-parent/single-feature-parent/pom.xml +++ b/appc-parent/single-feature-parent/pom.xml @@ -37,7 +37,7 @@ limitations under the License. <properties> <skip.karaf.featureTest>true</skip.karaf.featureTest> - <commons.collections.version>3.2.1</commons.collections.version> + <commons.collections.version>3.2.2</commons.collections.version> <snakeyaml.version>1.12</snakeyaml.version> <tosca.datatype.version>1.1.0</tosca.datatype.version> <velocity.version>1.7</velocity.version> diff --git a/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml b/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml index 77390a0eb..91bb68758 100644 --- a/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml +++ b/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml @@ -200,7 +200,18 @@ <groupId>org.apache.velocity</groupId> <artifactId>velocity</artifactId> <version>1.7</version> - </dependency> + <exclusions> + <exclusion> + <artifactId>commons-collections</artifactId> + <groupId>commons-collections</groupId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + <version>3.2.2</version> + </dependency> <dependency> <groupId>org.onap.ccsdk.sli.adaptors</groupId> <artifactId>sql-resource-provider</artifactId> |