diff options
author | Kanagaraj Manickam <kanagaraj.manickam@huawei.com> | 2020-02-21 04:52:18 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-02-21 04:52:18 +0000 |
commit | 190967fc2c85f7f17ebf6e94e41b3714de644d3e (patch) | |
tree | f6c72c0245eacf40d5cfc2201725c7ed686f31e9 | |
parent | 3ff640dfea6044dc098d3e2e62dc534615694e0c (diff) | |
parent | b1bcdf751e5fcd35c66a6ebfd06c74d12fc572ff (diff) |
Merge "Change dependency version for netty-codec-http2"
-rw-r--r-- | grpc/pom.xml | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/grpc/pom.xml b/grpc/pom.xml index 75721607..e73be6b3 100644 --- a/grpc/pom.xml +++ b/grpc/pom.xml @@ -34,10 +34,23 @@ <grpc.version>1.8.0</grpc.version> </properties> <dependencies> +<!-- netty-codec-http2 excluded due to Security Issues:- CVE-2019-9512,CVE-2019-9514,CVE-2019-9515,CVE-2019-9518,CVE-2019-16869 + and added invulnerable netty-codec-http2 4.1.42.Final --> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-netty</artifactId> <version>${grpc.version}</version> + <exclusions> + <exclusion> + <groupId>io.netty</groupId> + <artifactId>netty-codec-http2</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>io.netty</groupId> + <artifactId>netty-codec-http2</artifactId> + <version>4.1.42.Final</version> </dependency> <dependency> <groupId>io.grpc</groupId> @@ -165,4 +178,4 @@ </plugins> </pluginManagement> </build> -</project>
\ No newline at end of file +</project> |