summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorliamfallon <liam.fallon@ericsson.com>2018-06-21 10:45:48 +0800
committerliamfallon <liam.fallon@ericsson.com>2018-06-21 10:45:57 +0800
commit1303b2cfebc9dd12156db0a04b46ec401a4b4987 (patch)
tree524748c965b8f5ba438421cb29fc0d6230a12540
parentbb89ed3ad0765d323b6b026fc5fdd3b4a57fcc31 (diff)
Fix JMS plugin vulnerability
THe HornetQ JMS implementation had security vulnerabilities, license issues, and the latest version is 3 years old. The plugin was updated to use the Apache ActiveMQ JMS implementaiton instead. ActiveMQ has a very recent version, has no license issues, and has no recorded security issues. Issue-ID: POLICY-905 Change-Id: I2db80a9e45ee4274f31e8c493c841cd039e78050 Signed-off-by: liamfallon <liam.fallon@ericsson.com>
-rw-r--r--plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml19
1 files changed, 15 insertions, 4 deletions
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
index 61abf52b4..3ad5d0b73 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
@@ -46,9 +46,20 @@
<version>3.2.0.Final</version>
</dependency>
<dependency>
- <groupId>org.hornetq</groupId>
- <artifactId>hornetq-jms-client</artifactId>
- <version>2.3.25.Final</version>
+ <groupId>org.apache.activemq</groupId>
+ <artifactId>artemis-jms-client</artifactId>
+ <version>2.6.1</version>
+ <exclusions>
+ <exclusion>
+ <groupId>io.netty</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-all</artifactId>
+ <version>4.1.25.Final</version>
</dependency>
</dependencies>
-</project> \ No newline at end of file
+</project>