From 28da5021fad45b2c4da1bd1b7db794863e5ef7f3 Mon Sep 17 00:00:00 2001
From: Patrick Brady <pb071s@att.com>
Date: Mon, 17 Sep 2018 12:52:55 -0700
Subject: Remove logback 1.1.3 security issue

cdp-pal and eelf are the dependencies using logback-classic
1.1.3. Need to use exclusions option in pom file

Change-Id: Id8f5817ec955e2b7b486bc0215c35541086606aa
Signed-off-by: Patrick Brady <pb071s@att.com>
Issue-ID: APPC-1018
---
 appc-core/appc-common-bundle/pom.xml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'appc-core/appc-common-bundle')

diff --git a/appc-core/appc-common-bundle/pom.xml b/appc-core/appc-common-bundle/pom.xml
index 0f72a1620..07300f53f 100644
--- a/appc-core/appc-common-bundle/pom.xml
+++ b/appc-core/appc-common-bundle/pom.xml
@@ -30,9 +30,20 @@
   
   <dependencies>
     <!--  logging  -->
+    <dependency>
+         <groupId>ch.qos.logback</groupId>
+         <artifactId>logback-classic</artifactId>
+	 <version>${logback.version}</version>
+    </dependency>
     <dependency>
       <groupId>com.att.eelf</groupId>
       <artifactId>eelf-core</artifactId>
+      <exclusions>
+           <exclusion>
+               <groupId>ch.qos.logback</groupId>
+               <artifactId>logback-classic</artifactId>
+           </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>
@@ -157,4 +168,4 @@
 	   </plugin>
     </plugins>  
   </build>
-</project>
\ No newline at end of file
+</project>
-- 
cgit 1.2.3-korg