summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2021-05-12 13:56:51 +0100
committerChristophe Closset <christophe.closset@intl.att.com>2021-05-15 06:22:36 +0000
commitb7ea3eff8a18c9a05d92833d71b3c3b699327b8a (patch)
treef9bf027a8988bbdb524a64dd6ee11b7cf174fbdf
parent1073da9c4dacfc87982eecf1667eb0177540acf6 (diff)
Update vulnerable package dependencies
commons-io -> 2.7 org.freemarker -> 2.3.30 Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: Ie18bd3abffdb64017ab49331864325beea8aa2c4 Issue-ID: SDC-3572
-rw-r--r--asdctool/pom.xml10
-rw-r--r--catalog-be/pom.xml10
-rw-r--r--catalog-dao/pom.xml10
-rw-r--r--catalog-fe/pom.xml10
-rw-r--r--catalog-model/pom.xml10
-rw-r--r--common-app-api/pom.xml15
-rw-r--r--integration-tests/pom.xml4
-rw-r--r--onboarding/pom.xml2
-rw-r--r--openecomp-be/lib/openecomp-sdc-model-lib/openecomp-sdc-model-impl/pom.xml2
-rw-r--r--openecomp-be/lib/openecomp-sdc-tosca-generator-lib/openecomp-sdc-tosca-generator-core/pom.xml2
-rw-r--r--openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/pom.xml2
-rw-r--r--openecomp-be/lib/openecomp-sdc-vendor-software-product-lib/openecomp-sdc-vendor-software-product-api/pom.xml129
-rw-r--r--pom.xml3
-rw-r--r--utils/webseal-simulator/pom.xml2
14 files changed, 141 insertions, 70 deletions
diff --git a/asdctool/pom.xml b/asdctool/pom.xml
index 7161f89ca0..700d9dc9b3 100644
--- a/asdctool/pom.xml
+++ b/asdctool/pom.xml
@@ -162,6 +162,12 @@
<artifactId>commons-jci-core</artifactId>
<version>${commons-jci-core.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -289,6 +295,10 @@
<groupId>org.apache.thrift</groupId>
<artifactId>libthrift</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml
index 002e3fc3b1..c156b96178 100644
--- a/catalog-be/pom.xml
+++ b/catalog-be/pom.xml
@@ -159,6 +159,12 @@
<artifactId>commons-jci-core</artifactId>
<version>${commons-jci-core.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- Gson -->
@@ -384,6 +390,10 @@
<groupId>org.apache.thrift</groupId>
<artifactId>libthrift</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/catalog-dao/pom.xml b/catalog-dao/pom.xml
index e4878613a1..8d82dd2ce7 100644
--- a/catalog-dao/pom.xml
+++ b/catalog-dao/pom.xml
@@ -230,6 +230,12 @@ Modifications copyright (c) 2018 Nokia
<artifactId>commons-jci-core</artifactId>
<version>${commons-jci-core.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -265,6 +271,10 @@ Modifications copyright (c) 2018 Nokia
<artifactId>groovy</artifactId>
<groupId>org.codehaus.groovy</groupId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/catalog-fe/pom.xml b/catalog-fe/pom.xml
index a4be186b45..238308145c 100644
--- a/catalog-fe/pom.xml
+++ b/catalog-fe/pom.xml
@@ -70,6 +70,12 @@
<artifactId>commons-jci-core</artifactId>
<version>${commons-jci-core.version}</version>
<scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
@@ -265,6 +271,10 @@
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/catalog-model/pom.xml b/catalog-model/pom.xml
index 7666076de6..ff28ea6395 100644
--- a/catalog-model/pom.xml
+++ b/catalog-model/pom.xml
@@ -166,6 +166,10 @@
<groupId>org.apache.thrift</groupId>
<artifactId>libthrift</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
@@ -299,6 +303,12 @@
<artifactId>commons-jci-core</artifactId>
<version>${commons-jci-core.version}</version>
<scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
diff --git a/common-app-api/pom.xml b/common-app-api/pom.xml
index 3542d6e1fc..36df3cff9f 100644
--- a/common-app-api/pom.xml
+++ b/common-app-api/pom.xml
@@ -26,9 +26,18 @@
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>${commons.io.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
@@ -69,6 +78,12 @@
<artifactId>commons-jci-core</artifactId>
<version>${commons-jci-core.version}</version>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- Gson -->
diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml
index 87761e6f0c..4fd4304f4b 100644
--- a/integration-tests/pom.xml
+++ b/integration-tests/pom.xml
@@ -149,6 +149,10 @@ limitations under the License.
<groupId>org.apache.thrift</groupId>
<artifactId>libthrift</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/onboarding/pom.xml b/onboarding/pom.xml
index 0ab08d070f..aec0e928e0 100644
--- a/onboarding/pom.xml
+++ b/onboarding/pom.xml
@@ -64,13 +64,11 @@
<classmate.version>1.3.3</classmate.version>
<commons.codec.version>1.10</commons.codec.version>
<commons.digester.version>2.1</commons.digester.version>
- <commons.io.version>2.5</commons.io.version>
<commons.lang.version>2.6</commons.lang.version>
<commons.lang3.version>3.4</commons.lang3.version>
<cxf.version>3.3.6</cxf.version>
<datastax.cassandra.version>3.8.0</datastax.cassandra.version>
<groovy.minimal.version>1.5.8</groovy.minimal.version>
- <freemarker.version>2.3.26-incubating</freemarker.version>
<hibernate.validator.version>5.3.6.Final</hibernate.validator.version>
<http.client.version>4.5.3</http.client.version>
<http.core.version>4.4.1</http.core.version>
diff --git a/openecomp-be/lib/openecomp-sdc-model-lib/openecomp-sdc-model-impl/pom.xml b/openecomp-be/lib/openecomp-sdc-model-lib/openecomp-sdc-model-impl/pom.xml
index 997e81a2b3..c086f9a7c3 100644
--- a/openecomp-be/lib/openecomp-sdc-model-lib/openecomp-sdc-model-impl/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-model-lib/openecomp-sdc-model-impl/pom.xml
@@ -63,7 +63,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>2.5</version>
+ <version>${commons.io.version}</version>
</dependency>
<dependency>
<groupId>org.openecomp.sdc</groupId>
diff --git a/openecomp-be/lib/openecomp-sdc-tosca-generator-lib/openecomp-sdc-tosca-generator-core/pom.xml b/openecomp-be/lib/openecomp-sdc-tosca-generator-lib/openecomp-sdc-tosca-generator-core/pom.xml
index 52c2568f9d..9f8f9b1456 100644
--- a/openecomp-be/lib/openecomp-sdc-tosca-generator-lib/openecomp-sdc-tosca-generator-core/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-tosca-generator-lib/openecomp-sdc-tosca-generator-core/pom.xml
@@ -53,7 +53,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>2.5</version>
+ <version>${commons.io.version}</version>
</dependency>
</dependencies>
diff --git a/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/pom.xml b/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/pom.xml
index 6f5562496b..66c6d53bbe 100644
--- a/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/pom.xml
@@ -68,7 +68,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>2.5</version>
+ <version>${commons.io.version}</version>
</dependency>
<dependency>
<groupId>org.openecomp.sdc</groupId>
diff --git a/openecomp-be/lib/openecomp-sdc-vendor-software-product-lib/openecomp-sdc-vendor-software-product-api/pom.xml b/openecomp-be/lib/openecomp-sdc-vendor-software-product-lib/openecomp-sdc-vendor-software-product-api/pom.xml
index 81a5233b28..666f464cae 100644
--- a/openecomp-be/lib/openecomp-sdc-vendor-software-product-lib/openecomp-sdc-vendor-software-product-api/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-vendor-software-product-lib/openecomp-sdc-vendor-software-product-api/pom.xml
@@ -1,72 +1,75 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns="http://maven.apache.org/POM/4.0.0"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-vendor-software-product-lib</artifactId>
- <version>1.9.0-SNAPSHOT</version>
- </parent>
+ <parent>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-vendor-software-product-lib</artifactId>
+ <version>1.9.0-SNAPSHOT</version>
+ </parent>
- <artifactId>openecomp-sdc-vendor-software-product-api</artifactId>
+ <artifactId>openecomp-sdc-vendor-software-product-api</artifactId>
+ <properties>
+ <freemarker.version>2.3.30</freemarker.version>
+ </properties>
- <dependencies>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-core-lib</artifactId>
- <type>pom</type>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-facade-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-nosqldb-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-versioning-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-translator-core</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-enrichment-api</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.freemarker</groupId>
- <artifactId>freemarker</artifactId>
- <version>${freemarker.version}</version>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.core</groupId>
- <artifactId>openecomp-config-lib</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.projectlombok</groupId>
- <artifactId>lombok</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc.be</groupId>
- <artifactId>common-be</artifactId>
- <version>${project.version}</version>
- <scope>compile</scope>
- </dependency>
- </dependencies>
+ <dependencies>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-core-lib</artifactId>
+ <type>pom</type>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-facade-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-nosqldb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-versioning-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-translator-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-enrichment-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.freemarker</groupId>
+ <artifactId>freemarker</artifactId>
+ <version>${freemarker.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.core</groupId>
+ <artifactId>openecomp-config-lib</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.projectlombok</groupId>
+ <artifactId>lombok</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc.be</groupId>
+ <artifactId>common-be</artifactId>
+ <version>${project.version}</version>
+ <scope>compile</scope>
+ </dependency>
+ </dependencies>
</project>
diff --git a/pom.xml b/pom.xml
index 00ec81f0fc..5427d1de4f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,7 +57,8 @@ Modifications copyright (c) 2018-2019 Nokia
<cadi.version>2.1.8</cadi.version>
<lombok.version>1.18.18</lombok.version>
<commons-beanutils>1.9.4</commons-beanutils>
- <commons-configuration>2.3</commons-configuration>
+ <commons.io.version>2.7</commons.io.version>
+ <commons-configuration>2.7</commons-configuration>
<apache-poi.version>4.1.0</apache-poi.version>
<onap.logging.version>1.6.1</onap.logging.version>
<apache-commons-text.version>1.9</apache-commons-text.version>
diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml
index ca95ef8cdc..77038961f4 100644
--- a/utils/webseal-simulator/pom.xml
+++ b/utils/webseal-simulator/pom.xml
@@ -45,7 +45,7 @@
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>2.4</version>
+ <version>2.7</version>
</dependency>
<dependency>