From 28da5021fad45b2c4da1bd1b7db794863e5ef7f3 Mon Sep 17 00:00:00 2001
From: Patrick Brady <pb071s@att.com>
Date: Mon, 17 Sep 2018 12:52:55 -0700
Subject: Remove logback 1.1.3 security issue

cdp-pal and eelf are the dependencies using logback-classic
1.1.3. Need to use exclusions option in pom file

Change-Id: Id8f5817ec955e2b7b486bc0215c35541086606aa
Signed-off-by: Patrick Brady <pb071s@att.com>
Issue-ID: APPC-1018
---
 appc-event-listener/appc-event-listener-bundle/pom.xml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'appc-event-listener')

diff --git a/appc-event-listener/appc-event-listener-bundle/pom.xml b/appc-event-listener/appc-event-listener-bundle/pom.xml
index abd664e23..426fbd924 100644
--- a/appc-event-listener/appc-event-listener-bundle/pom.xml
+++ b/appc-event-listener/appc-event-listener-bundle/pom.xml
@@ -41,10 +41,21 @@
 			<version>${project.version}</version>
 		</dependency>
 -->
+                <dependency>
+                     <groupId>ch.qos.logback</groupId>
+                     <artifactId>logback-classic</artifactId>
+	             <version>${logback.version}</version>
+                </dependency>
 		<dependency>
 			<groupId>com.att.eelf</groupId>
 			<artifactId>eelf-core</artifactId>
-			</dependency>
+                       <exclusions>
+                            <exclusion>
+                                 <groupId>ch.qos.logback</groupId>
+                                 <artifactId>logback-classic</artifactId>
+                            </exclusion>
+                        </exclusions>
+		</dependency>
 		<dependency>
 			<groupId>org.onap.appc</groupId>
 			<artifactId>appc-common-bundle</artifactId>
@@ -119,6 +130,7 @@
 		<dependency>
 			<groupId>org.mockito</groupId>
 			<artifactId>mockito-core</artifactId>
+			<scope>test</scope>
 		</dependency>
 	</dependencies>
 
-- 
cgit 1.2.3-korg