diff options
author | amshegokar <AS00500801@techmahindra.com> | 2018-10-15 17:03:16 +0530 |
---|---|---|
committer | amshegokar <AS00500801@techmahindra.com> | 2018-10-15 17:03:16 +0530 |
commit | 5ac0bcd19f06b601c2e913bf83a7359e7135fddb (patch) | |
tree | c66942d385f5ea2786707d7a0bda2635c1147118 | |
parent | 8db67259b2b682c403da0cfda8875037e94c60f5 (diff) |
Address critical vulnerability for Mapper
added Recommended version and readme file correction
Change-Id: I675637ef0d0b1515e0d7783abb94c120ffb029a2
Issue-ID: DCAEGEN2-871
Signed-off-by: amshegokar <AS00500801@techmahindra.com>
-rw-r--r-- | UniversalVesAdapter/README.md | 4 | ||||
-rw-r--r-- | UniversalVesAdapter/pom.xml | 9 | ||||
-rw-r--r-- | UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java | 2 | ||||
-rw-r--r-- | snmpmapper/README.md | 4 |
4 files changed, 11 insertions, 8 deletions
diff --git a/UniversalVesAdapter/README.md b/UniversalVesAdapter/README.md index 33d41c8..60b1503 100644 --- a/UniversalVesAdapter/README.md +++ b/UniversalVesAdapter/README.md @@ -72,8 +72,6 @@ General flow goes like this - Here entry point will be depending on the deployment type, Getting configuration from docker env var or from CBS configures a bunch of things and starts the application in a separate process -### Release images -For R1 - image/version pushed to nexus3 ``` nexus3.onap.org:10003/snapshots/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor latest @@ -95,7 +93,7 @@ STEPS FOR SETUP/TEST sudo docker run -d -p 8085:8085/tcp -e URL_JDBC=jdbc:postgresql://10.53.172.138:5432/postgres -e JDBC_USERNAME=postgres -e JDBC_PASSWORD=root -e DMAAPHOST=10.53.172.156 -e CONSUL_HOST=10.53.172.109 -e HOSTNAME=static-dcaegen2-services-mua -e MR_DEFAULT_PORT_NUMBER=3904 -e CONFIG_BINDING_SERVICE=config_binding_service nexus3.onap.org:10003/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:latest -3) Go inside container and tail /opt/app/VESCollector/logs/vesadaper.log +3) Go inside container and tail /opt/app/VESAdapter/logs/vesadaper.log 4) Post SNMP event JSON to DMaaP Topic ONAP-COLLECTOR-SNMPTRAP 5) Subscribe to DMaaP topic unauthenticated.SEC_FAULT_OUTPUT you will get process VES JSON to this topic. ``` diff --git a/UniversalVesAdapter/pom.xml b/UniversalVesAdapter/pom.xml index 8bb683d..cff2fd0 100644 --- a/UniversalVesAdapter/pom.xml +++ b/UniversalVesAdapter/pom.xml @@ -86,9 +86,18 @@ <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> </exclusion> + <exclusion> + <groupId>ognl</groupId> + <artifactId>ognl</artifactId> + </exclusion> </exclusions> </dependency> <dependency> + <groupId>ognl</groupId> + <artifactId>ognl</artifactId> + <version>3.1.12</version> + </dependency> + <dependency> <groupId>org.onap.dmaap.messagerouter.dmaapclient</groupId> <artifactId>dmaapClient</artifactId> <version>1.1.3</version> diff --git a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java index 82cee66..a91e5c6 100644 --- a/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java +++ b/UniversalVesAdapter/src/main/java/org/onap/universalvesadapter/service/VESAdapterInitializer.java @@ -232,7 +232,7 @@ public class VESAdapterInitializer implements CommandLineRunner, Ordered { try (Connection con = DriverManager.getConnection(dBurl, user, pwd)) { LOGGER.info("Postgresql Connection successful..."); - LOGGER.debug("1Connection object:"+con.toString()); + LOGGER.debug("Connection object:"+con.toString()); //creating table if not exist PreparedStatement pstmt11=con.prepareStatement("CREATE TABLE IF NOT EXISTS public."+MappingFileTableName+"\r\n" + "(\r\n" + diff --git a/snmpmapper/README.md b/snmpmapper/README.md index f5ab564..584f8a5 100644 --- a/snmpmapper/README.md +++ b/snmpmapper/README.md @@ -60,9 +60,5 @@ Dockerfile bin lib logs - lib contains all libraries that are pulled into the app during maven build - logs contains application logs - -### Release images -For R1 - image/version pushed to nexus3 - ```nexus3.onap.org:10003/snapshots/onap/org.onap.dcaegen2.services.mapper.vesadapter.snmpmapper:latest ``` |