summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorromaingimbert <romain.gimbert@orange.com>2018-08-31 14:01:39 +0200
committerromaingimbert <romain.gimbert@orange.com>2018-08-31 14:01:39 +0200
commit83d3d0b7511bce0a4dce7724e1e4a6b54d3b3dc4 (patch)
treeb01d7f91025226ed4da5e778825b1d58df138231
parentbe69cac6059f2a7a768bb924644d4476c8b5e86f (diff)
Fix critical security issues
-change pom dependencies version Change-Id: I053f46b33aeb61e10e390af039dcf19c8247b651 Issue-ID: EXTAPI-126 Signed-off-by: romaingimbert <romain.gimbert@orange.com>
-rw-r--r--pom.xml34
1 files changed, 28 insertions, 6 deletions
diff --git a/pom.xml b/pom.xml
index 8c849e3..e7768ff 100644
--- a/pom.xml
+++ b/pom.xml
@@ -109,10 +109,20 @@
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-core</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
+ <groupId>org.apache.tomcat.embed</groupId>
+ <artifactId>tomcat-embed-core</artifactId>
+ <version>8.5.33</version>
+ </dependency>
+
+ <dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.2.3</version>
@@ -121,12 +131,24 @@
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.data</groupId>
+ <artifactId>spring-data-commons</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-aop</artifactId>
- </dependency>
+ <dependency>
+ <groupId>org.springframework.data</groupId>
+ <artifactId>spring-data-commons</artifactId>
+ <version>1.13.14.RELEASE</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-aop</artifactId>
+ </dependency>
<dependency>
<groupId>org.apache.commons</groupId>
@@ -137,7 +159,7 @@
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
- <version>1.9.3</version>
+ <version>1.9.0</version>
</dependency>
<dependency>
@@ -180,7 +202,7 @@
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-yaml</artifactId>
- <version>2.8.11</version>
+ <version>2.9.6</version>
</dependency>
<!-- jolt -->