From ff86f98e38f3df388ff3dfa3b3bd995707d05b9b Mon Sep 17 00:00:00 2001 From: liamfallon Date: Sun, 21 Jun 2020 21:52:55 +0100 Subject: Remove apex-pdp Jackson security issue We should use the managed version of jackson from policy-parent rather than a specific apex-pdp version. Also upgrade the version of Avro, avro 1.9.2 uses a newer somewhat more secure version of Jackson. Issue-ID: POLICY-1508 Change-Id: If32218816ae76cf3cf6ddc8980e3a37e7e2ffd19 Signed-off-by: liamfallon --- pom.xml | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) (limited to 'pom.xml') diff --git a/pom.xml b/pom.xml index 3f2e4d7f0..bb5e5afa0 100644 --- a/pom.xml +++ b/pom.xml @@ -45,9 +45,8 @@ 1.4 2.3.0 5.3.7.Final - 1.6.5 - 2.2.6 - 2.10.0.pr3 + 1.7.0-SNAPSHOT + 2.3.0-SNAPSHOT 4.1.5.Final 20041127.091804 2.8.0 @@ -111,16 +110,6 @@ policy-endpoints ${version.policy.common} - - com.fasterxml.jackson.core - jackson-core - ${version.jackson} - - - com.fasterxml.jackson.core - jackson-databind - ${version.jackson} - org.jgroups jgroups -- cgit 1.2.3-korg