diff options
| author |   vv770d <vv770d@att.com> | 2021-12-14 23:35:34 +0000 |
|---|---|---|
| committer | vv770d <vv770d@att.com> | 2021-12-14 23:35:39 +0000 |
| commit | 77e8a5597b93b55ba152890b7c8511495ee1af41 (patch) | |
| tree | 81af77e9c0f9f9042a7af9ddd2c19df88f9776a8 | |
| parent | b158d136b8d8f84afd8bde6e9646771b4ed9511c (diff) | |
[DCAE/restconf] Remediation for Log4Shell vulnerability1.2.6
Change-Id: I7473966be5012bd68244cb60d5fabee22dfa0cf1
Signed-off-by: vv770d <vv770d@att.com>
Issue-ID: DCAEGEN2-3022
| -rw-r--r-- | Changelog.md | 3 | ||||
| -rw-r--r-- | pom.xml | 16 | ||||
| -rw-r--r-- | version.properties | 2 |
3 files changed, 17 insertions, 4 deletions
diff --git a/Changelog.md b/Changelog.md index b6fa3f3..65f42c4 100644 --- a/Changelog.md +++ b/Changelog.md @@ -4,6 +4,9 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). +## [1.2.6] - 2021/12/14 + - [DCAEGEN2-3022] - Remediation for Log4Shell vulnerability + ## [1.2.5] - 19/03/2021 ### Fixed - [DCAEGEN2-2675](https://jira.onap.org/browse/DCAEGEN2-2675) - Disable access to external entities in XML parsing @@ -2,7 +2,7 @@ <!-- ================================================================================ Copyright (c) 2019 Huawei. All rights reserved. -Copyright (c) 2019 AT&T. All rights reserved. +Copyright (c) 2019,2021 AT&T. All rights reserved. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -27,7 +27,7 @@ limitations under the License. </parent> <groupId>org.onap.dcaegen2.collectors.restconf</groupId> <artifactId>restconfcollector</artifactId> - <version>1.2.5-SNAPSHOT</version> + <version>1.2.6-SNAPSHOT</version> <name>dcaegen2-collectors-restconf</name> <description>RestConfCollector</description> <properties> @@ -435,7 +435,7 @@ limitations under the License. <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-log4j2</artifactId> - <version>2.1.5.RELEASE</version> + <version>2.6.1</version> <exclusions> <exclusion> <groupId>org.apache.logging.log4j</groupId> @@ -444,6 +444,16 @@ limitations under the License. </exclusions> </dependency> <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <version>2.16.0</version> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-api</artifactId> + <version>2.16.0</version> + </dependency> + <dependency> <groupId>io.springfox</groupId> <artifactId>springfox-swagger2</artifactId> <version>3.0.0</version> diff --git a/version.properties b/version.properties index 4fd02cd..0cb18ba 100644 --- a/version.properties +++ b/version.properties @@ -1,6 +1,6 @@ major=1 minor=2 -patch=5 +patch=6 base_version=${major}.${minor}.${patch} release_version=${base_version} snapshot_version=${base_version}-SNAPSHOT |