Override version for guava

Change-Id: I94f7454089dcd3b52a0c6c40bfadb59439d58d62 Signed-off-by: dglFromAtt <dgl@research.att.com> Issue-ID: DMAAP-656
author: dglFromAtt <dgl@research.att.com> 2018-08-25 03:32:40 -0400
committer: dglFromAtt <dgl@research.att.com> 2018-08-25 03:32:54 -0400
commit: e54c6debba6deca64348f1edf7a8c81a10319679 (patch)
tree: 2d5f292078f17e958ccc61a974e219954608e316
parent: 0f2eac2ac51c3672b84c454c1f3a1208c8ba703d (diff)
1 files changed, 8 insertions, 5 deletions
diff --git a/pom.xml b/pom.xml
index d0c1898..62ca18a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -232,16 +232,19 @@
 			<version>1.2.0</version>
 		</dependency>
 <!-- DMAAP-656:
-   - removed this dependency because it utilized a third party
-   - lib called com.google.guava:20.0 which had severe threat identified.
-   - build code without this dependency and it seemed to work, so perhaps it
-   - is not needed?
+   - override this dependency because it utilized a third party
+   - lib called com.google.guava:20.0 which had severe security threat identified.
+ -->
+		<dependency>
+			<groupId>com.google.guava</groupId>
+			<artifactId>guava</artifactId>
+			<version>24.1.1-jre</version>
+		</dependency>
 		<dependency>
 			<groupId>io.swagger</groupId>
 			<artifactId>swagger-core</artifactId>
 			<version>${swagger.version}</version>
 		</dependency>
- -->
 		<dependency>
 			<groupId>io.swagger</groupId>
 			<artifactId>swagger-jersey2-jaxrs</artifactId>
author	dglFromAtt <dgl@research.att.com>	2018-08-25 03:32:40 -0400
committer	dglFromAtt <dgl@research.att.com>	2018-08-25 03:32:54 -0400
commit	e54c6debba6deca64348f1edf7a8c81a10319679 (patch)
tree	2d5f292078f17e958ccc61a974e219954608e316
parent	0f2eac2ac51c3672b84c454c1f3a1208c8ba703d (diff)