diff options
author | Sonsino, Ofir (os0695) <os0695@intl.att.com> | 2018-03-19 18:37:37 +0200 |
---|---|---|
committer | Sonsino, Ofir (os0695) <os0695@intl.att.com> | 2018-03-19 18:57:05 +0200 |
commit | 845e43d10f0a1b8d64bb31f6ec84925c46401d9f (patch) | |
tree | 0c9440502d06d9dfbcca697298a1fc70992ed004 | |
parent | 728e24f8d47287eeb4994780706adbe7ec99d941 (diff) |
Fix security issues
Change-Id: Ide337059d9b5c589b19ffd7f2dc7c0d725e9e634
Issue-ID: VID-149
Signed-off-by: Sonsino, Ofir (os0695) <os0695@intl.att.com>
-rwxr-xr-x | epsdk-app-onap/pom.xml | 41 | ||||
-rwxr-xr-x | vid-app-common/pom.xml | 14 |
2 files changed, 51 insertions, 4 deletions
diff --git a/epsdk-app-onap/pom.xml b/epsdk-app-onap/pom.xml index e47afe73..67f9a08c 100755 --- a/epsdk-app-onap/pom.xml +++ b/epsdk-app-onap/pom.xml @@ -18,7 +18,7 @@ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<epsdk.version>2.1.0</epsdk.version>
- <springframework.version>4.2.0.RELEASE</springframework.version>
+ <springframework.version>4.2.2.RELEASE</springframework.version>
<hibernate.version>4.3.11.Final</hibernate.version>
<!-- Skip assembling the zip; assemble via mvn -Dskipassembly=false .. -->
<skipassembly>true</skipassembly>
@@ -307,6 +307,43 @@ <artifactId>eelf-core</artifactId>
<version>1.0.0</version>
</dependency>
+ <!--Overide versions for latest security fixes-->
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-core</artifactId>
+ <version>1.2.3</version>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>1.2.3</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>3.2.1</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-fileupload</groupId>
+ <artifactId>commons-fileupload</artifactId>
+ <version>1.3.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk16</artifactId>
+ <version>1.46</version>
+ </dependency>
+ <dependency>
+ <groupId>xalan</groupId>
+ <artifactId>xalan</artifactId>
+ <version>2.7.1</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.poi</groupId>
+ <artifactId>poi</artifactId>
+ <version>3.8</version>
+ </dependency>
+
<dependency>
<groupId>org.onap.vid</groupId>
<artifactId>vid-app-common</artifactId>
@@ -334,7 +371,7 @@ <dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.6.3</version>
+ <version>2.6.7.1</version>
</dependency>
<dependency>
<groupId>com.mchange</groupId>
diff --git a/vid-app-common/pom.xml b/vid-app-common/pom.xml index c52e8720..5d79a50d 100755 --- a/vid-app-common/pom.xml +++ b/vid-app-common/pom.xml @@ -19,7 +19,7 @@ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<epsdk.version>2.1.0</epsdk.version>
- <springframework.version>4.2.0.RELEASE</springframework.version>
+ <springframework.version>4.2.2.RELEASE</springframework.version>
<hibernate.version>4.3.11.Final</hibernate.version>
<!-- Skip assembling the zip by default -->
<skipassembly>true</skipassembly>
@@ -287,6 +287,16 @@ <artifactId>eelf-core</artifactId>
<version>1.0.0</version>
</dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-core</artifactId>
+ <version>1.2.3</version>
+ </dependency>
+ <dependency>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ <version>1.2.3</version>
+ </dependency>
<!-- Mapper -->
<dependency>
@@ -302,7 +312,7 @@ <dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.6.3</version>
+ <version>2.6.7.1</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
|