summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTaka Cho <tc012c@att.com>2018-08-19 20:46:00 -0400
committerTaka Cho <tc012c@att.com>2018-08-19 20:52:03 -0400
commit8678a53099f255c1c9a12da4f156d97f87b0ac59 (patch)
treeafbf439987ac9d1debfff54b5404f7acda628c1d
parent58296da28e654d53f0d48f67bcb61187a2b603d3 (diff)
fixing common-collection 3.2.1 security issue
changed pom.xml and features.xml to keep common-collection to 3.2.2 Change-Id: I3ccd44d61f2e58edae9de6d7042cdb752bbd73cb Issue-ID: APPC-1018 Signed-off-by: Taka Cho <tc012c@att.com>
-rw-r--r--appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml6
-rw-r--r--appc-config/appc-config-params/features/src/main/resources/features.xml2
-rw-r--r--appc-config/appc-encryption-tool/features/src/main/resources/features.xml2
-rw-r--r--appc-config/appc-flow-controller/features/src/main/resources/features.xml2
-rw-r--r--appc-config/pom.xml2
-rw-r--r--appc-outbound/appc-aai-client/features/src/main/resources/features.xml2
-rw-r--r--appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml2
-rw-r--r--appc-parent/single-feature-parent/pom.xml2
-rw-r--r--appc-sequence-generator/appc-sequence-generator-bundle/pom.xml13
9 files changed, 24 insertions, 9 deletions
diff --git a/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml b/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml
index 5bbdf69cc..7b7d4d3e8 100644
--- a/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml
+++ b/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml
@@ -43,6 +43,10 @@ limitations under the License.
<type>xml</type>
<classifier>features</classifier>
</dependency>
-
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ <version>1.60</version>
+ </dependency>
</dependencies>
</project>
diff --git a/appc-config/appc-config-params/features/src/main/resources/features.xml b/appc-config/appc-config-params/features/src/main/resources/features.xml
index 0e817c3b4..757a1fc99 100644
--- a/appc-config/appc-config-params/features/src/main/resources/features.xml
+++ b/appc-config/appc-config-params/features/src/main/resources/features.xml
@@ -36,7 +36,7 @@
<feature>ccsdk-sli</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<!-- <bundle>wrap:mvn:org.onap.appc/appc-yang-generator/${project.version}</bundle> -->
<bundle>wrap:mvn:org.openecomp.sdc.common/openecomp-tosca-datatype/${tosca.datatype.version}</bundle>
diff --git a/appc-config/appc-encryption-tool/features/src/main/resources/features.xml b/appc-config/appc-encryption-tool/features/src/main/resources/features.xml
index b465669a2..a88ef3e26 100644
--- a/appc-config/appc-encryption-tool/features/src/main/resources/features.xml
+++ b/appc-config/appc-encryption-tool/features/src/main/resources/features.xml
@@ -37,7 +37,7 @@
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
<bundle>mvn:org.apache.velocity/velocity/${velocity.version}</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>mvn:org.onap.appc/appc-config-encryption-tool-provider/${project.version}</bundle>
</feature>
</features>
diff --git a/appc-config/appc-flow-controller/features/src/main/resources/features.xml b/appc-config/appc-flow-controller/features/src/main/resources/features.xml
index 2ab6ba248..424abd854 100644
--- a/appc-config/appc-flow-controller/features/src/main/resources/features.xml
+++ b/appc-config/appc-flow-controller/features/src/main/resources/features.xml
@@ -33,7 +33,7 @@
<feature>ccsdk-sli</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>mvn:org.onap.appc/appc-config-flow-controller-provider/${project.version}</bundle>
</feature>
diff --git a/appc-config/pom.xml b/appc-config/pom.xml
index a70a35536..0c8165c29 100644
--- a/appc-config/pom.xml
+++ b/appc-config/pom.xml
@@ -38,7 +38,7 @@
<snakeyaml.version>1.12</snakeyaml.version>
<velocity.version>1.7</velocity.version>
<jettison.version>1.3.7</jettison.version>
- <common.collections.version>3.2.1</common.collections.version>
+ <common.collections.version>3.2.2</common.collections.version>
<common.io.version>2.5</common.io.version>
<tosca.datatype.version>1.1.0</tosca.datatype.version>
diff --git a/appc-outbound/appc-aai-client/features/src/main/resources/features.xml b/appc-outbound/appc-aai-client/features/src/main/resources/features.xml
index 1043da21c..6a8826dc6 100644
--- a/appc-outbound/appc-aai-client/features/src/main/resources/features.xml
+++ b/appc-outbound/appc-aai-client/features/src/main/resources/features.xml
@@ -39,7 +39,7 @@
<feature>ccsdk-aai-service</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
<!-- <bundle>mvn:org.apache.velocity/velocity/${velocity.version}</bundle> -->
- <bundle>mvn:commons-collections/commons-collections/3.2.1</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>mvn:org.onap.appc/appc-aai-client-provider/${project.version}</bundle>
</feature>
</features>
diff --git a/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml b/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml
index 276a275a2..0effc0d4c 100644
--- a/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml
+++ b/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml
@@ -36,7 +36,7 @@
<feature>ccsdk-sli</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>wrap:mvn:com.att.eelf/eelf-core/${eelf.version}</bundle>
<bundle>mvn:com.sun.jersey/jersey-client/1.17</bundle>
<bundle>mvn:ch.qos.logback/logback-core/${logback.version}</bundle>
diff --git a/appc-parent/single-feature-parent/pom.xml b/appc-parent/single-feature-parent/pom.xml
index fb3a344d2..ee2c582fd 100644
--- a/appc-parent/single-feature-parent/pom.xml
+++ b/appc-parent/single-feature-parent/pom.xml
@@ -37,7 +37,7 @@ limitations under the License.
<properties>
<skip.karaf.featureTest>true</skip.karaf.featureTest>
- <commons.collections.version>3.2.1</commons.collections.version>
+ <commons.collections.version>3.2.2</commons.collections.version>
<snakeyaml.version>1.12</snakeyaml.version>
<tosca.datatype.version>1.1.0</tosca.datatype.version>
<velocity.version>1.7</velocity.version>
diff --git a/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml b/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml
index 77390a0eb..91bb68758 100644
--- a/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml
+++ b/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml
@@ -200,7 +200,18 @@
<groupId>org.apache.velocity</groupId>
<artifactId>velocity</artifactId>
<version>1.7</version>
- </dependency>
+ <exclusions>
+ <exclusion>
+ <artifactId>commons-collections</artifactId>
+ <groupId>commons-collections</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>3.2.2</version>
+ </dependency>
<dependency>
<groupId>org.onap.ccsdk.sli.adaptors</groupId>
<artifactId>sql-resource-provider</artifactId>