diff options
author | liamfallon <liam.fallon@ericsson.com> | 2018-06-26 11:47:22 +0100 |
---|---|---|
committer | liamfallon <liam.fallon@ericsson.com> | 2018-06-26 11:47:35 +0100 |
commit | c78db71cba65d95698116dc7cbad5827f23362d0 (patch) | |
tree | e1e6c09848e4ba9ae84f6da9c9656951fa795b78 | |
parent | c64ab628a9a861a36b25418a2f187b93efc27880 (diff) |
Upgrade version of Jython to remove vulnerability
Upgrade version of Jython from 2.2.1 to 2.7.1 to fix security
vulnerability.
Change-Id: I605b02483431b057f0ffa6017a5726ef8e1834d3
Issue-ID: POLICY-905
Signed-off-by: liamfallon <liam.fallon@ericsson.com>
4 files changed, 8 insertions, 5 deletions
diff --git a/plugins/plugins-executor/plugins-executor-jython/pom.xml b/plugins/plugins-executor/plugins-executor-jython/pom.xml index 8b246561b..13b55caa4 100644 --- a/plugins/plugins-executor/plugins-executor-jython/pom.xml +++ b/plugins/plugins-executor/plugins-executor-jython/pom.xml @@ -37,8 +37,8 @@ <dependencies> <dependency> <groupId>org.python</groupId> - <artifactId>jython</artifactId> - <version>2.2.1</version> + <artifactId>jython-standalone</artifactId> + <version>2.7.1</version> </dependency> </dependencies> </project>
\ No newline at end of file diff --git a/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonStateFinalizerExecutor.java b/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonStateFinalizerExecutor.java index 26512b52d..ea8f027c5 100644 --- a/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonStateFinalizerExecutor.java +++ b/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonStateFinalizerExecutor.java @@ -25,6 +25,7 @@ import java.util.Map; import org.onap.policy.apex.context.ContextException; import org.onap.policy.apex.core.engine.executor.StateFinalizerExecutor; import org.onap.policy.apex.core.engine.executor.exception.StateMachineException; +import org.python.core.CompileMode; import org.python.core.Py; import org.python.core.PyCode; import org.python.core.PyException; @@ -61,7 +62,7 @@ public class JythonStateFinalizerExecutor extends StateFinalizerExecutor { try { synchronized (Py.class) { compiled = Py.compile_flags(getSubject().getLogic(), "<" + getSubject().getKey().toString() + ">", - "exec", null); + CompileMode.exec, null); } } catch (final PyException e) { LOGGER.warn("failed to compile Jython code for state finalizer " + getSubject().getKey(), e); diff --git a/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskExecutor.java b/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskExecutor.java index 4387a5df7..b0dd9c5c9 100644 --- a/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskExecutor.java +++ b/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskExecutor.java @@ -25,6 +25,7 @@ import java.util.Map; import org.onap.policy.apex.context.ContextException; import org.onap.policy.apex.core.engine.executor.TaskExecutor; import org.onap.policy.apex.core.engine.executor.exception.StateMachineException; +import org.python.core.CompileMode; import org.python.core.Py; import org.python.core.PyCode; import org.python.core.PyException; @@ -61,7 +62,7 @@ public class JythonTaskExecutor extends TaskExecutor { try { synchronized (Py.class) { compiled = Py.compile_flags(getSubject().getTaskLogic().getLogic(), - "<" + getSubject().getKey().toString() + ">", "exec", null); + "<" + getSubject().getKey().toString() + ">", CompileMode.exec, null); } } catch (final PyException e) { LOGGER.warn("failed to compile Jython code for task " + getSubject().getKey().getID(), e); diff --git a/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskSelectExecutor.java b/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskSelectExecutor.java index cf94793ff..4fd48f2e7 100644 --- a/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskSelectExecutor.java +++ b/plugins/plugins-executor/plugins-executor-jython/src/main/java/org/onap/policy/apex/plugins/executor/jython/JythonTaskSelectExecutor.java @@ -25,6 +25,7 @@ import org.onap.policy.apex.core.engine.event.EnEvent; import org.onap.policy.apex.core.engine.executor.TaskSelectExecutor; import org.onap.policy.apex.core.engine.executor.exception.StateMachineException; import org.onap.policy.apex.model.basicmodel.concepts.AxArtifactKey; +import org.python.core.CompileMode; import org.python.core.Py; import org.python.core.PyCode; import org.python.core.PyException; @@ -60,7 +61,7 @@ public class JythonTaskSelectExecutor extends TaskSelectExecutor { try { synchronized (Py.class) { compiled = Py.compile_flags(getSubject().getTaskSelectionLogic().getLogic(), - "<" + getSubject().getKey().toString() + ">", "exec", null); + "<" + getSubject().getKey().toString() + ">", CompileMode.exec, null); } } catch (final PyException e) { LOGGER.warn("failed to compile Jython code for task selection logic in " + getSubject().getKey().getID(), |