From d21408b75fc6e9cd5cbbd2743219128f3127e5f1 Mon Sep 17 00:00:00 2001
From: Matthieu Geerebaert <matthieu.geerebaert@orange.com>
Date: Mon, 29 Apr 2019 16:36:28 +0200
Subject: Update dependencies to latest

Resolve some vulnerabilities issues

Change-Id: I26d4a6cab86a5ddb25700c7b437051ea1aa49f81
Issue-ID: EXTAPI-236
Signed-off-by: MatthieuGeerebaert <matthieu.geerebaert@orange.com>
---
 pom.xml | 38 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

(limited to 'pom.xml')

diff --git a/pom.xml b/pom.xml
index f8d8c9a..164d2ca 100644
--- a/pom.xml
+++ b/pom.xml
@@ -106,7 +106,7 @@
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>
-        <version>2.1.3.RELEASE</version>
+        <version>2.1.4.RELEASE</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
@@ -118,6 +118,18 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-web</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.apache.tomcat.embed</groupId>
+          <artifactId>tomcat-embed-core</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+
+    <dependency>
+      <groupId>org.apache.tomcat.embed</groupId>
+      <artifactId>tomcat-embed-core</artifactId>
+      <version>9.0.19</version>
     </dependency>
 
     <dependency>
@@ -199,9 +211,19 @@
           <groupId>com.google.guava</groupId>
           <artifactId>guava</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>commons-codec</groupId>
+          <artifactId>commons-codec</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
 
+    <dependency>
+      <groupId>commons-codec</groupId>
+      <artifactId>commons-codec</artifactId>
+      <version>1.12</version>
+    </dependency>
+
     <!-- jolt -->
 
     <dependency>
@@ -262,6 +284,10 @@
           <groupId>com.fasterxml.jackson.core</groupId>
           <artifactId>jackson-databind</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>commons-codec</groupId>
+          <artifactId>commons-codec</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
 
@@ -295,9 +321,19 @@
           <groupId>com.google.guava</groupId>
           <artifactId>guava</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>com.squareup.okhttp3</groupId>
+          <artifactId>okhttp</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
 
+    <dependency>
+      <groupId>com.squareup.okhttp3</groupId>
+      <artifactId>okhttp</artifactId>
+      <version>3.14.1</version>
+    </dependency>
+
     <dependency>
       <groupId>com.google.guava</groupId>
       <artifactId>guava</artifactId>
-- 
cgit 1.2.3-korg