diff options
| author |   jitendra sharma <jitendra.sharma1@huawei.com> | 2020-01-23 12:45:53 +0000 |
|---|---|---|
| committer | jitendra sharma <jitendra.sharma1@huawei.com> | 2020-01-23 12:48:32 +0000 |
| commit | b1bcdf751e5fcd35c66a6ebfd06c74d12fc572ff (patch) | |
| tree | 3a23962a8b7673a583de0288ff768dbf449af202 | |
| parent | d5155b512337ebb873c4c7a5072ef9524b770bc1 (diff) | |
Change dependency version for netty-codec-http2
Issue-ID: CLI-246
Signed-off-by: jitendra sharma <jitendra.sharma1@huawei.com>
Change-Id: I89734d1062c202773a7e40ed353c1a738c5cbafe
| -rw-r--r-- | grpc/pom.xml | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/grpc/pom.xml b/grpc/pom.xml index 75721607..e73be6b3 100644 --- a/grpc/pom.xml +++ b/grpc/pom.xml @@ -34,10 +34,23 @@ <grpc.version>1.8.0</grpc.version> </properties> <dependencies> +<!-- netty-codec-http2 excluded due to Security Issues:- CVE-2019-9512,CVE-2019-9514,CVE-2019-9515,CVE-2019-9518,CVE-2019-16869 + and added invulnerable netty-codec-http2 4.1.42.Final --> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-netty</artifactId> <version>${grpc.version}</version> + <exclusions> + <exclusion> + <groupId>io.netty</groupId> + <artifactId>netty-codec-http2</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>io.netty</groupId> + <artifactId>netty-codec-http2</artifactId> + <version>4.1.42.Final</version> </dependency> <dependency> <groupId>io.grpc</groupId> @@ -165,4 +178,4 @@ </plugins> </pluginManagement> </build> -</project>
\ No newline at end of file +</project> |