diff options
| author |   sa282w <sa282w@att.com> | 2018-03-30 14:09:40 -0400 |
|---|---|---|
| committer | sa282w <sa282w@att.com> | 2018-03-30 14:09:40 -0400 |
| commit | 78224cb1fbc6052451ad1a759353cc6549b2f230 (patch) | |
| tree | d48abb4ae11f640b0b25bfdf047e05057163ee49 | |
| parent | 4be70b62035840deacdb687970e8537c9a459e51 (diff) | |
Security Vunerabilities
Issue-ID: PORTAL-155
Excluded beanshell, nimbus dependency and upgraded the version of
spring-security-web and tomcat-embed-core.
Change-Id: I2f238d8cdeb61084b1a86099c25b5bd8f30d5e93
Signed-off-by: sa282w <sa282w@att.com>
| -rw-r--r-- | ecomp-portal-BE-common/pom.xml | 4 | ||||
| -rw-r--r-- | ecomp-portal-BE-os/pom.xml | 6 | ||||
| -rw-r--r-- | ecomp-portal-widget-ms/widget-ms/pom.xml | 13 |
3 files changed, 21 insertions, 2 deletions
diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml index 733a1017..5ae097d6 100644 --- a/ecomp-portal-BE-common/pom.xml +++ b/ecomp-portal-BE-common/pom.xml @@ -625,6 +625,10 @@ <groupId>commons-httpclient</groupId> <artifactId>commons-httpclient</artifactId> </exclusion> + <exclusion> + <groupId>org.beanshell</groupId> + <artifactId>bsh-core</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml index ed42c061..2c96adaa 100644 --- a/ecomp-portal-BE-os/pom.xml +++ b/ecomp-portal-BE-os/pom.xml @@ -621,6 +621,10 @@ <groupId>org.codehaus.jackson</groupId> <artifactId>jackson-mapper-asl</artifactId> </exclusion> + <exclusion> + <groupId>com.nimbusds</groupId> + <artifactId>nimbus-jose-jwt</artifactId> + </exclusion> </exclusions> </dependency> <!-- <dependency> @@ -663,7 +667,7 @@ <artifactId>*</artifactId> </exclusion> </exclusions> - </dependency> + </dependency> </dependencies> <reporting> diff --git a/ecomp-portal-widget-ms/widget-ms/pom.xml b/ecomp-portal-widget-ms/widget-ms/pom.xml index 5d8896c2..dabc5ac9 100644 --- a/ecomp-portal-widget-ms/widget-ms/pom.xml +++ b/ecomp-portal-widget-ms/widget-ms/pom.xml @@ -44,6 +44,12 @@ <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> + <exclusions> + <exclusion> + <groupId>org.springframework.security</groupId> + <artifactId>spring-security-web</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.springframework.boot</groupId> @@ -140,7 +146,7 @@ <dependency> <groupId>org.apache.tomcat.embed</groupId> <artifactId>tomcat-embed-core</artifactId> - <version>8.5.13</version> + <version>8.5.28</version> </dependency> <dependency> <groupId>ch.qos.logback</groupId> @@ -167,6 +173,11 @@ <artifactId>jackson-databind</artifactId> <version>2.8.10</version> </dependency> + <dependency> + <groupId>org.springframework.security</groupId> + <artifactId>spring-security-web</artifactId> + <version>4.1.4.RELEASE</version> + </dependency> </dependencies> <build> |