From 53ef7ed7d2a9354146e2ad3f1a34186613a7b1b1 Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Fri, 2 Jul 2021 11:53:59 -0400 Subject: Address some vulnerabilities from IQ report Upgraded the version of a couple of items reported in IQ. The new versions are likely to have the same issues, but at least it should be good for a moment. Verified that the change to json-smart did not cause the CDS Actor tests to break. (Though it should eventually be tested with a real CDS.) Verified that the change to xstream did not cause any tests in drools-pdp or drools-apps to break. Issue-ID: POLICY-3431 Change-Id: I1419871577174fd986c9eebf2ce35134bd4bda93 Signed-off-by: Jim Hahn --- integration/pom.xml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/integration/pom.xml b/integration/pom.xml index dd234c87..d453f533 100644 --- a/integration/pom.xml +++ b/integration/pom.xml @@ -210,7 +210,7 @@ com.thoughtworks.xstream xstream - 1.4.15 + 1.4.17 @@ -308,6 +308,11 @@ + + net.minidev + json-smart + 2.4.7 + -- cgit 1.2.3-korg