From 03c53c05213f0c01b8b9b03025129b9fbe801384 Mon Sep 17 00:00:00 2001
From: "Lo, WEI-TING(wl849v)" <wl849v@att.com>
Date: Tue, 27 Mar 2018 19:24:12 -0400
Subject: Security Vulnerabilities

Issue-ID: PORTAL-155

Includes Security Vulnerabilities and music jar

Change-Id: Id85471555461adf2127db66ed3d4f4a3d5a06fe4
Signed-off-by: Lo, WEI-TING(wl849v) <wl849v@att.com>
---
 ecomp-sdk/epsdk-core/pom.xml | 84 +++++++++-----------------------------------
 1 file changed, 17 insertions(+), 67 deletions(-)

(limited to 'ecomp-sdk/epsdk-core/pom.xml')

diff --git a/ecomp-sdk/epsdk-core/pom.xml b/ecomp-sdk/epsdk-core/pom.xml
index abaad567..8fd5a6ee 100644
--- a/ecomp-sdk/epsdk-core/pom.xml
+++ b/ecomp-sdk/epsdk-core/pom.xml
@@ -319,6 +319,12 @@
 			<groupId>org.elasticsearch</groupId>
 			<artifactId>elasticsearch</artifactId>
 			<version>2.2.0</version>
+			<exclusions> 
+				<exclusion> 
+					<groupId>org.apache.lucene</groupId> 
+					<artifactId>lucene-queryparser</artifactId> 
+				</exclusion> 
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>io.searchbox</groupId>
@@ -351,6 +357,10 @@
         	<groupId>commons-httpclient</groupId>
             <artifactId>commons-httpclient</artifactId>
 		</exclusion>
+		<exclusion> 
+        	<groupId>xerces</groupId> 
+            <artifactId>xercesImpl</artifactId> 
+		</exclusion>
         </exclusions>
 	</dependency>
 
@@ -386,11 +396,6 @@
 			<classifier>runtime</classifier>
 		</dependency>
 		<dependency>
-    		<groupId>org.apache.lucene</groupId>
-    		<artifactId>lucene-queryparser</artifactId>
-    		<version>7.2.1</version>
-		</dependency>
-		<dependency>
     		<groupId>com.thoughtworks.xstream</groupId>
     		<artifactId>xstream</artifactId>
     		<version>1.4.10</version>
@@ -418,67 +423,7 @@
 		<dependency>
     		<groupId>commons-beanutils</groupId>
     		<artifactId>commons-beanutils</artifactId>
-    		<version>1.9.2</version>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.poi</groupId>
-			<artifactId>poi</artifactId>
-			<version>3.17</version>
-			<exclusions>
-				<exclusion>
-					<groupId>commons-logging</groupId>
-					<artifactId>commons-logging</artifactId>
-				</exclusion>
-				<exclusion>
-					<groupId>log4j</groupId>
-					<artifactId>log4j</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.poi</groupId>
-			<artifactId>poi-ooxml</artifactId>
-			<version>3.17</version>
-			<exclusions>
-				<exclusion>
-					<groupId>commons-logging</groupId>
-					<artifactId>commons-logging</artifactId>
-				</exclusion>
-				<exclusion>
-					<groupId>log4j</groupId>
-					<artifactId>log4j</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.poi</groupId>
-			<artifactId>poi-scratchpad</artifactId>
-			<version>3.17</version>
-			<exclusions>
-				<exclusion>
-					<groupId>commons-logging</groupId>
-					<artifactId>commons-logging</artifactId>
-				</exclusion>
-				<exclusion>
-					<groupId>log4j</groupId>
-					<artifactId>log4j</artifactId>
-				</exclusion>
-			</exclusions>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.poi</groupId>
-			<artifactId>poi-contrib</artifactId>
-			<version>3.5-FINAL</version>
-			<exclusions>
-				<exclusion>
-					<groupId>commons-logging</groupId>
-					<artifactId>commons-logging</artifactId>
-				</exclusion>
-				<exclusion>
-					<groupId>log4j</groupId>
-					<artifactId>log4j</artifactId>
-				</exclusion>
-			</exclusions>
+    		<version>1.9.3</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>
@@ -489,7 +434,12 @@
     		<groupId>xalan</groupId>
     		<artifactId>xalan</artifactId>
     		<version>2.7.2</version>
-		</dependency>		
+		</dependency>	
+		<dependency> 
+    		<groupId>xerces</groupId> 
+    		<artifactId>xercesImpl</artifactId> 
+    		<version>2.11.0.SP5</version> 
+		</dependency>	
 	</dependencies>
 	
 </project>
-- 
cgit 1.2.3-korg