aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorliamfallon <liam.fallon@est.tech>2019-04-15 15:31:55 +0000
committerliamfallon <liam.fallon@est.tech>2019-04-15 15:31:55 +0000
commit2ba499f11094cfd1321e59789869a0c475406b58 (patch)
tree11050d1ff03090dbca0d0275651c370b669560b4
parenteabc69580026cad20f2ea5448f6cc7e604359d1f (diff)
Fix security problem with Zookeeper
Issue-ID: POLICY-1540 Change-Id: I5c549a1dffb21b54c81a44ba69ca49cb24732558 Signed-off-by: liamfallon <liam.fallon@est.tech>
-rw-r--r--plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml2
-rw-r--r--plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-kafka/pom.xml7
-rw-r--r--testsuites/integration/integration-uservice-test/pom.xml7
3 files changed, 15 insertions, 1 deletions
diff --git a/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml b/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml
index 8424969d7..bc839f20a 100644
--- a/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml
+++ b/plugins/plugins-context/plugins-context-locking/plugins-context-locking-curator/pom.xml
@@ -52,7 +52,7 @@
<dependency>
<groupId>org.apache.zookeeper</groupId>
<artifactId>zookeeper</artifactId>
- <version>3.4.13</version>
+ <version>3.4.14</version>
<exclusions>
<!-- Zookeeper uses an ancient version of log4j -->
<exclusion>
diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-kafka/pom.xml b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-kafka/pom.xml
index 64e11a72b..3eccdc137 100644
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-kafka/pom.xml
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-kafka/pom.xml
@@ -34,6 +34,13 @@
<groupId>org.apache.kafka</groupId>
<artifactId>kafka-clients</artifactId>
<version>${version.kafka}</version>
+ <exclusions>
+ <!-- The default Zookeeper version in Kafka has vulnerabilities -->
+ <exclusion>
+ <groupId>org.apache.zookeeper</groupId>
+ <artifactId>zookeeper</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
</dependencies>
diff --git a/testsuites/integration/integration-uservice-test/pom.xml b/testsuites/integration/integration-uservice-test/pom.xml
index 3b276414e..8772db0dd 100644
--- a/testsuites/integration/integration-uservice-test/pom.xml
+++ b/testsuites/integration/integration-uservice-test/pom.xml
@@ -144,6 +144,13 @@
<artifactId>kafka_2.12</artifactId>
<version>${version.kafka}</version>
<scope>test</scope>
+ <exclusions>
+ <!-- The default Zookeeper version in Kafka has vulnerabilities -->
+ <exclusion>
+ <groupId>org.apache.zookeeper</groupId>
+ <artifactId>zookeeper</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.salesforce.kafka.test</groupId>