diff options
author | Jorge Hernandez <jh1730@att.com> | 2018-03-05 19:52:50 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2018-03-05 19:52:50 +0000 |
commit | d7dd5e1a57ae6bf0b0e832a7ccb323f9cf972b80 (patch) | |
tree | a3084580649ffc6ec51ea6f7e576f71dd6a94866 | |
parent | 884e138c695a21560b7619d457d5197276716af4 (diff) | |
parent | d6465d56ca959b8493c1a9a3938d3d24461b5a6b (diff) |
Merge "Upgrade commons-collection for security fix"
-rw-r--r-- | BRMSGateway/pom.xml | 16 | ||||
-rw-r--r-- | ONAP-SDK-APP/pom.xml | 14 |
2 files changed, 30 insertions, 0 deletions
diff --git a/BRMSGateway/pom.xml b/BRMSGateway/pom.xml index 39e943be1..0d9ebfba2 100644 --- a/BRMSGateway/pom.xml +++ b/BRMSGateway/pom.xml @@ -66,10 +66,26 @@ <artifactId>integrity-monitor</artifactId> <version>${project.version}</version> </dependency> + <!-- + CLM security fix - force use of commons-collections 3.2.2. + Remove this if a new version of nexus-rest-client-java is upgraded + to not use velocity (and then subsequently commons-collections v3.1 + --> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + <version>3.2.2</version> + </dependency> <dependency> <groupId>org.sonatype.nexus</groupId> <artifactId>nexus-rest-client-java</artifactId> <version>2.3.1-01</version> + <exclusions> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>com.thoughtworks.xstream</groupId> diff --git a/ONAP-SDK-APP/pom.xml b/ONAP-SDK-APP/pom.xml index c1ce21e4f..687e5b3a2 100644 --- a/ONAP-SDK-APP/pom.xml +++ b/ONAP-SDK-APP/pom.xml @@ -238,6 +238,16 @@ <type>jar</type> </dependency> <!-- SDK components --> + <!-- + CLM security fix - force use of commons-collections 3.2.2. + Remove this if a new version of epsdk-core is upgraded + to not use esapi (and then subsequently commons-collections v3.2 + --> + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + <version>3.2.2</version> + </dependency> <dependency> <groupId>org.onap.portal.sdk</groupId> <artifactId>epsdk-core</artifactId> @@ -247,6 +257,10 @@ <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> </exclusion> + <exclusion> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + </exclusion> </exclusions> </dependency> <dependency> |