summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Changelog.md1
-rw-r--r--pom.xml18
2 files changed, 14 insertions, 5 deletions
diff --git a/Changelog.md b/Changelog.md
index 409bb6da..169fe36c 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -6,6 +6,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
## [1.11.0] - 2022/01/28
- [DCAEGEN2-2961] - Switch VESCollector to Integration base image(onap/integration-java11:10.0.0)
+ - [DCAEGEN2-3045] - Vulnerability addressal for VESCollector
## [1.10.3] - 2022/01/18
- [DCAEGEN2-3022] - Remediation for Log4Shell vulnerability (upgrade to 2.17.1)
diff --git a/pom.xml b/pom.xml
index 4649aa13..a59b7ba4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@
</sonar.coverage.jacoco.xmlReportPaths>
<!-- DEPENDENCY RELATED SETTINGS -->
<micrometer.version>1.6.5</micrometer.version>
- <spring.version>2.4.3</spring.version>
+ <spring.version>2.5.9</spring.version>
<maven-assembly-plugin.version>3.1.0</maven-assembly-plugin.version>
<maven-javadoc-plugin.version>3.0.1</maven-javadoc-plugin.version>
<maven-project-info-reports-plugin.version>2.9</maven-project-info-reports-plugin.version>
@@ -61,23 +61,24 @@
<docker-maven-plugin.version>1.2.0</docker-maven-plugin.version>
<json-simple.version>1.1.1</json-simple.version>
<json-schema-validator.version>1.0.49</json-schema-validator.version>
- <gson.version>2.8.6</gson.version>
+ <gson.version>2.8.9</gson.version>
<json.version>20210307</json.version>
<unirest-java.version>1.4.9</unirest-java.version>
<commons-collections.version>3.2.2</commons-collections.version>
<commons-configuration.version>1.10</commons-configuration.version>
<vavr.version>0.10.3</vavr.version>
- <spring-boot-starter-log4j2.version>2.6.1</spring-boot-starter-log4j2.version>
+ <spring-boot-starter-log4j2.version>2.6.3</spring-boot-starter-log4j2.version>
<log4j.version>2.17.1</log4j.version>
<springfox-swagger2.version>3.0.0</springfox-swagger2.version>
<assertj-core.version>3.19.0</assertj-core.version>
<spring-boot-starter-test.version>2.2.13.RELEASE</spring-boot-starter-test.version>
- <sdk.version>1.8.7</sdk.version>
+ <sdk.version>1.8.8</sdk.version>
<guava.version>30.1-jre</guava.version>
<mock-server.version>5.11.1</mock-server.version>
<reactor-test.version>3.4.0</reactor-test.version>
- <testcontainers.version>1.15.1</testcontainers.version>
+ <testcontainers.version>1.16.3</testcontainers.version>
<junit-jupiter.version>1.15.1</junit-jupiter.version>
+ <netty-bom.version>4.1.73.Final</netty-bom.version>
</properties>
<build>
<pluginManagement>
@@ -274,6 +275,13 @@
<dependencyManagement>
<dependencies>
<dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-bom</artifactId>
+ <version>${netty-bom.version}</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
+ <dependency>
<!-- Import dependency management from Spring Boot -->
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>