diff options
Diffstat (limited to 'PolicyEngineUtils/pom.xml')
| -rw-r--r-- | PolicyEngineUtils/pom.xml | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/PolicyEngineUtils/pom.xml b/PolicyEngineUtils/pom.xml index 9e2e13b15..e7196c511 100644 --- a/PolicyEngineUtils/pom.xml +++ b/PolicyEngineUtils/pom.xml @@ -88,15 +88,20 @@ <version>4.11</version> <scope>test</scope> </dependency> - <dependency> - <groupId>org.mariadb.jdbc</groupId> - <artifactId>mariadb-java-client</artifactId> - <version>1.2.3</version> + <!-- + CLM security fix - force use of xstream + Remove this if a new version of drools-verifier is upgraded + that upgrades to xstream. + --> + <dependency> + <groupId>com.thoughtworks.xstream</groupId> + <artifactId>xstream</artifactId> + <version>1.4.10</version> </dependency> <dependency> <groupId>org.drools</groupId> <artifactId>drools-verifier</artifactId> - <version>6.3.0.Final</version> + <version>6.5.0.Final</version> <exclusions> <exclusion> <groupId>com.google.guava</groupId> @@ -106,6 +111,10 @@ <groupId>com.lowagie</groupId> <artifactId>itext</artifactId> </exclusion> + <exclusion> + <groupId>com.thoughtworks.xstream</groupId> + <artifactId>xstream</artifactId> + </exclusion> </exclusions> </dependency> <dependency> |