2 files changed, 17 insertions, 4 deletions

diff --git a/ecomp-portal-BE-os/README.md b/ecomp-portal-BE-os/README.md
index adc82857..0a9fa850 100644
--- a/ecomp-portal-BE-os/README.md
+++ b/ecomp-portal-BE-os/README.md
@@ -32,6 +32,9 @@ Version 2.2
 - [Portal-111] Centralized Role Management Task(Integration to AAF)
 - [PORTAL-157] OpenID connect conflicting with spring security
 - [Portal-174] missing DB statement in DML script(Users, Roles Page fix)
+- [Portal-162] CVE-2015-5211 - Spring - File Upload issue. Upgrade to 4.2.2
+- [Portal-163] NVD - CVE-2016-1000341: bouncycastle issue. Upgrade to 2.4.4
+- [Portal-168] CVE-2015-0254 JSTL-Upgrade to 1.2.3+
 
 Version 1.1.0 (Amsterdam), November 2017
 - [Portal-6] Updates to License and Trademark in the PORTAL Source Code
diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml
index 52650f91..975f6dec 100644
--- a/ecomp-portal-BE-os/pom.xml
+++ b/ecomp-portal-BE-os/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.onap.portal</groupId>
 		<artifactId>onap-portal-parent</artifactId>
-		<version>2.2</version>
+		<version>2.2.0</version>
 	</parent>
 
 	<artifactId>portal-be-os</artifactId>
@@ -284,9 +284,19 @@
 			<version>2.3.1</version>
 		</dependency>
 		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>jstl</artifactId>
-			<version>1.2</version>
+    		<groupId>org.apache.taglibs</groupId>
+    		<artifactId>taglibs-standard-spec</artifactId>
+    		<version>1.2.5</version>
+		</dependency>
+		<dependency>
+    		<groupId>org.apache.taglibs</groupId>
+    		<artifactId>taglibs-standard-impl</artifactId>
+    		<version>1.2.5</version>
+		</dependency>
+		<dependency>
+    		<groupId>org.apache.taglibs</groupId>
+   			<artifactId>taglibs-standard-jstlel</artifactId>
+    		<version>1.2.5</version>
 		</dependency>
 		<!-- Apache Tiles -->
 		<dependency>