summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjitendra007 <jitendra.sharma1@huawei.com>2020-07-24 18:35:06 +0530
committerjitendra007 <jitendra.sharma1@huawei.com>2020-07-24 18:37:54 +0530
commit53a2a014e9ab8654b35104e7de6a5de80fb3073d (patch)
treec74c97c86ddea18c611683cff81bdcfba80a0697
parent9a08d687e48312beef47bce357d374ede2ce0dc7 (diff)
Fixed security vulnerability
Issue-ID: CLI-299 Signed-off-by: jitendra007 <jitendra.sharma1@huawei.com> Change-Id: I634c42dfce01192e65b1102147953156e5828421
-rw-r--r--framework/pom.xml2
-rw-r--r--grpc/pom.xml24
-rw-r--r--profiles/http/pom.xml2
3 files changed, 24 insertions, 4 deletions
diff --git a/framework/pom.xml b/framework/pom.xml
index 9878cd84..cd9d90ea 100644
--- a/framework/pom.xml
+++ b/framework/pom.xml
@@ -74,7 +74,7 @@
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
- <version>1.13</version>
+ <version>1.14</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
diff --git a/grpc/pom.xml b/grpc/pom.xml
index 0055d2b9..cd31b2ec 100644
--- a/grpc/pom.xml
+++ b/grpc/pom.xml
@@ -52,9 +52,29 @@
<groupId>io.netty</groupId>
<artifactId>netty-codec-http2</artifactId>
<version>4.1.46.Final</version>
+ <exclusions>
+ <exclusion>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec-http</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-handler</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
-
- <dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec-http</artifactId>
+ <version>4.1.48.Final</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-handler</artifactId>
+ <version>4.1.19.Final</version>
+ </dependency>
+
+ <dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-protobuf</artifactId>
<version>${grpc.version}</version>
diff --git a/profiles/http/pom.xml b/profiles/http/pom.xml
index 04589410..3dee45c4 100644
--- a/profiles/http/pom.xml
+++ b/profiles/http/pom.xml
@@ -63,7 +63,7 @@ Excluded commons-codec vulnerable version and added invulnerable version
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
- <version>1.13</version>
+ <version>1.14</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>