diff options
author | jitendra007 <jitendra.sharma1@huawei.com> | 2020-07-24 18:35:06 +0530 |
---|---|---|
committer | jitendra007 <jitendra.sharma1@huawei.com> | 2020-07-24 18:37:54 +0530 |
commit | 53a2a014e9ab8654b35104e7de6a5de80fb3073d (patch) | |
tree | c74c97c86ddea18c611683cff81bdcfba80a0697 | |
parent | 9a08d687e48312beef47bce357d374ede2ce0dc7 (diff) |
Fixed security vulnerability
Issue-ID: CLI-299
Signed-off-by: jitendra007 <jitendra.sharma1@huawei.com>
Change-Id: I634c42dfce01192e65b1102147953156e5828421
-rw-r--r-- | framework/pom.xml | 2 | ||||
-rw-r--r-- | grpc/pom.xml | 24 | ||||
-rw-r--r-- | profiles/http/pom.xml | 2 |
3 files changed, 24 insertions, 4 deletions
diff --git a/framework/pom.xml b/framework/pom.xml index 9878cd84..cd9d90ea 100644 --- a/framework/pom.xml +++ b/framework/pom.xml @@ -74,7 +74,7 @@ <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> - <version>1.13</version> + <version>1.14</version> </dependency> <dependency> <groupId>org.apache.commons</groupId> diff --git a/grpc/pom.xml b/grpc/pom.xml index 0055d2b9..cd31b2ec 100644 --- a/grpc/pom.xml +++ b/grpc/pom.xml @@ -52,9 +52,29 @@ <groupId>io.netty</groupId> <artifactId>netty-codec-http2</artifactId> <version>4.1.46.Final</version> + <exclusions> + <exclusion> + <groupId>io.netty</groupId> + <artifactId>netty-codec-http</artifactId> + </exclusion> + <exclusion> + <groupId>io.netty</groupId> + <artifactId>netty-handler</artifactId> + </exclusion> + </exclusions> </dependency> - - <dependency> + <dependency> + <groupId>io.netty</groupId> + <artifactId>netty-codec-http</artifactId> + <version>4.1.48.Final</version> + </dependency> + <dependency> + <groupId>io.netty</groupId> + <artifactId>netty-handler</artifactId> + <version>4.1.19.Final</version> + </dependency> + + <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-protobuf</artifactId> <version>${grpc.version}</version> diff --git a/profiles/http/pom.xml b/profiles/http/pom.xml index 04589410..3dee45c4 100644 --- a/profiles/http/pom.xml +++ b/profiles/http/pom.xml @@ -63,7 +63,7 @@ Excluded commons-codec vulnerable version and added invulnerable version <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> - <version>1.13</version> + <version>1.14</version> </dependency> <dependency> <groupId>org.apache.httpcomponents</groupId> |