Fix vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42

And update to the released version of pomba-audit-common

Issue-ID: LOG-1066
Issue-ID: LOG-1099
Signed-off-by: Prudence Au <prudence.au@amdocs.com>
Change-Id: Ifa9b0dc8d58f144a83acca4f98964476159345c9

1 files changed, 8 insertions, 2 deletions

diff --git a/pom.xml b/pom.xml
index f02b4f3..0a251a3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -44,7 +44,7 @@ limitations under the License.
                 <!-- Import dependency management from Spring Boot -->
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-dependencies</artifactId>
-                <version>1.5.17.RELEASE</version>
+                <version>1.5.22.RELEASE</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>
@@ -56,6 +56,12 @@ limitations under the License.
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-json</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -116,7 +122,7 @@ limitations under the License.
         <dependency>
            <groupId>org.onap.logging-analytics.pomba</groupId>
            <artifactId>pomba-audit-common</artifactId>
-           <version>1.4.0</version>
+           <version>1.5.0</version>
         </dependency>
         <dependency>
             <groupId>com.google.guava</groupId>