aboutsummaryrefslogtreecommitdiffstats
path: root/profiles/http/pom.xml
diff options
context:
space:
mode:
authorKanagaraj Manickam <kanagaraj.manickam@huawei.com>2020-02-21 04:52:36 +0000
committerGerrit Code Review <gerrit@onap.org>2020-02-21 04:52:36 +0000
commit2577ef1f3fb0590dd03d0a3d0aa865e71d265db7 (patch)
tree97363c85a174ba84605175976bf03c9b648c6f00 /profiles/http/pom.xml
parent190967fc2c85f7f17ebf6e94e41b3714de644d3e (diff)
parent84d0e55e2b66dd1dabbfe85b48e7b847d17a756f (diff)
Merge "Change dependency version for httpclient"
Diffstat (limited to 'profiles/http/pom.xml')
-rw-r--r--profiles/http/pom.xml18
1 files changed, 17 insertions, 1 deletions
diff --git a/profiles/http/pom.xml b/profiles/http/pom.xml
index b8563e48..9268895d 100644
--- a/profiles/http/pom.xml
+++ b/profiles/http/pom.xml
@@ -37,11 +37,27 @@
<artifactId>cli-sample-mock-generator</artifactId>
<version>${project.version}</version>
</dependency>
+<!--Change version from 4.3.5 to 4.5.7 due to sonatype-2017-
+0359 and CVE-2015-526.
+Excluded commons-codec vulnerable version and added invulnerable version
+
+ -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.3.5</version>
+ <version>4.5.7</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
+ <dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ <version>1.13</version>
+ </dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>