diff options
| author |   vasraz <vasyl.razinkov@est.tech> | 2021-11-29 17:42:02 +0000 |
|---|---|---|
| committer |   Michael Morris <michael.morris@est.tech> | 2021-12-07 09:30:30 +0000 |
| commit | 987fc74925dc4051f08913393924d2b826d7e59c (patch) | |
| tree | 50ed0e7ee1e9105af8fc8190aac4ac660ba6aa4c | |
| parent | 5c9d068e66264be8db6018cb551db7c05e8e2596 (diff) | |
Fix vulnerable dependency
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Issue-ID: SDC-3795
Change-Id: Ib6f7902b2f8380ad9febcc2fad0374e8070af15c
36 files changed, 279 insertions, 62 deletions
diff --git a/asdctool/pom.xml b/asdctool/pom.xml index 231104edb9..a0423a3b77 100644 --- a/asdctool/pom.xml +++ b/asdctool/pom.xml @@ -38,6 +38,12 @@ <artifactId>common-app-api</artifactId> <version>${project.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> @@ -329,6 +335,10 @@ <groupId>dom4j</groupId> <artifactId>dom4j</artifactId> </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> </dependency> @@ -419,6 +429,12 @@ <artifactId>httpclient</artifactId> <version>${httpclient.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> diff --git a/asdctool/sdc-cassandra-init/Dockerfile b/asdctool/sdc-cassandra-init/Dockerfile index 33d8738278..979ab6f364 100644 --- a/asdctool/sdc-cassandra-init/Dockerfile +++ b/asdctool/sdc-cassandra-init/Dockerfile @@ -1,8 +1,6 @@ -FROM onap/policy-jdk-debian:2.0.1 +FROM onap/policy-jdk-debian:2.0.2 -#RUN addgroup --gid 1000 sdc RUN addgroup sdc -#RUN adduser --gecos "sdc sdc,1,1,1" -u 1000 --disabled-password --ingroup sdc --shell /bin/sh sdc RUN adduser --gecos "sdc sdc,1,1,1" --disabled-password --ingroup sdc --shell /bin/sh sdc USER sdc RUN mkdir ~/.cassandra/ && \ @@ -11,6 +9,7 @@ RUN mkdir ~/.cassandra/ && \ USER root RUN apt-get update --allow-releaseinfo-change && apt-get install -y python-pip && \ + python -m pip install --upgrade pip \ pip install cqlsh && \ mkdir ~/.cassandra/ && \ echo '[cql]' > ~/.cassandra/cqlshrc && \ @@ -35,4 +34,3 @@ COPY --chown=sdc:sdc startup.sh /home/sdc/ RUN chmod 770 /home/sdc/startup.sh ENTRYPOINT [ "/home/sdc/startup.sh" ] - diff --git a/catalog-be-plugins/etsi-nfv-nsd-csar-plugin/pom.xml b/catalog-be-plugins/etsi-nfv-nsd-csar-plugin/pom.xml index f536f854e8..794ac08a83 100644 --- a/catalog-be-plugins/etsi-nfv-nsd-csar-plugin/pom.xml +++ b/catalog-be-plugins/etsi-nfv-nsd-csar-plugin/pom.xml @@ -74,6 +74,10 @@ <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> </exclusion> + <exclusion> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml index befbad13b2..842407eb1d 100644 --- a/catalog-be/pom.xml +++ b/catalog-be/pom.xml @@ -80,6 +80,10 @@ <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> </exclusion> + <exclusion> + <groupId>io.github.classgraph</groupId> + <artifactId>classgraph</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -104,6 +108,10 @@ <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> </exclusions> </dependency> @@ -283,6 +291,12 @@ <artifactId>httpclient</artifactId> <version>${httpclient.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -472,6 +486,10 @@ <groupId>dom4j</groupId> <artifactId>dom4j</artifactId> </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> </dependency> @@ -716,6 +734,10 @@ <artifactId>apache-log4j-extras</artifactId> <groupId>log4j</groupId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient-cache</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/catalog-be/sdc-backend-init/Dockerfile b/catalog-be/sdc-backend-init/Dockerfile index 35e485b197..8f6da77d19 100644 --- a/catalog-be/sdc-backend-init/Dockerfile +++ b/catalog-be/sdc-backend-init/Dockerfile @@ -18,16 +18,13 @@ RUN apk update && \ libxml2-dev \ build-base \ curl-dev && \ - # needed libcurl to install correctly - pip install 'pycurl==7.43.0.1' && \ - set -ex && \ - gem install \ - chef:13.8.5 \ - berkshelf:6.3.1 \ - io-console:0.4.6 \ - etc webrick \ - --no-document && \ - apk del .build-dependencies + # needed libcurl to install correctly \ + python -m pip install --upgrade pip \ + pip install 'pycurl==7.44.1' && \ + set -ex && \ + gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 etc webrick --no-document && \ + apk del .build-dependencies && \ + gem cleanup ENV ONAP_LOG=/home/onap/logs RUN mkdir $ONAP_LOG && chown onap:onap $ONAP_LOG @@ -47,9 +44,7 @@ RUN chmod 770 -R /home/onap/scripts && \ ENV PATH=$PATH:/home/onap/.local/bin COPY --chown=onap:onap chef-solo /home/onap/chef-solo/ - COPY --chown=onap:onap chef-repo/cookbooks /home/onap/chef-solo/cookbooks/ - COPY --chown=onap:onap startup.sh /home/onap/ RUN chmod 770 /home/onap/startup.sh diff --git a/catalog-be/src/main/docker/backend/Dockerfile b/catalog-be/src/main/docker/backend/Dockerfile index 30daaf46dd..dabea05042 100644 --- a/catalog-be/src/main/docker/backend/Dockerfile +++ b/catalog-be/src/main/docker/backend/Dockerfile @@ -1,4 +1,4 @@ -FROM onap/integration-java11:8.0.0 +FROM onap/integration-java11:9.0.0 USER root ARG JETTY_FOLDER=/app/jetty @@ -12,12 +12,7 @@ RUN set -ex && \ ruby-dev \ libffi-dev \ libxml2-dev && \ - gem install \ - chef:13.8.5 \ - berkshelf:6.3.1 \ - io-console:0.4.6 \ - etc webrick \ - --no-document && \ + gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 etc webrick --no-document && \ gem cleanup && \ apk update @@ -31,7 +26,7 @@ RUN mkdir $JETTY_FOLDER && chown onap:onap $JETTY_FOLDER USER onap #Download jetty -RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.31.v20200723/jetty-distribution-9.4.31.v20200723.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ +RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.41.v20210516/jetty-distribution-9.4.41.v20210516.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ tar xvz -C $JETTY_FOLDER -f $JETTY_FOLDER/jetty.tar.gz --strip 1 && \ rm -rf $JETTY_FOLDER/jetty.tar.gz diff --git a/catalog-dao/pom.xml b/catalog-dao/pom.xml index f5e305b12b..6d36d960fa 100644 --- a/catalog-dao/pom.xml +++ b/catalog-dao/pom.xml @@ -45,6 +45,12 @@ Modifications copyright (c) 2018 Nokia <artifactId>common-app-api</artifactId> <version>${project.version}</version> <scope>provided</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -171,6 +177,12 @@ Modifications copyright (c) 2018 Nokia <groupId>org.apache.lucene</groupId> <artifactId>lucene-regex</artifactId> <version>${regex.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.lucene</groupId> + <artifactId>lucene-core</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -212,6 +224,10 @@ Modifications copyright (c) 2018 Nokia <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> </exclusions> </dependency> @@ -315,6 +331,10 @@ Modifications copyright (c) 2018 Nokia <groupId>dom4j</groupId> <artifactId>dom4j</artifactId> </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> </dependency> @@ -405,6 +425,10 @@ Modifications copyright (c) 2018 Nokia <groupId>org.apache.thrift</groupId> <artifactId>libthrift</artifactId> </exclusion> + <exclusion> + <groupId>net.java.dev.jna</groupId> + <artifactId>jna</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -424,9 +448,26 @@ Modifications copyright (c) 2018 Nokia <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <groupId>net.java.dev.jna</groupId> + <artifactId>jna</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>log4j-over-slf4j</artifactId> + </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> <scope>test</scope> </dependency> + <dependency> + <groupId>net.java.dev.jna</groupId> + <artifactId>jna</artifactId> + <version>5.10.0</version> + </dependency> <!-- CASSANDRA END --> <dependency> diff --git a/catalog-fe/pom.xml b/catalog-fe/pom.xml index 85b93c5228..a43dd9a813 100644 --- a/catalog-fe/pom.xml +++ b/catalog-fe/pom.xml @@ -35,6 +35,12 @@ <groupId>org.openecomp.sdc</groupId> <artifactId>common-app-api</artifactId> <version>${project.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <!-- File changes listener --> @@ -151,7 +157,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${httpclient.version}</version> - <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -165,7 +176,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpmime</artifactId> <version>${httpclient.version}</version> - <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> diff --git a/catalog-fe/sdc-frontend/Dockerfile b/catalog-fe/sdc-frontend/Dockerfile index 65950cb0e1..9e5fad6c88 100644 --- a/catalog-fe/sdc-frontend/Dockerfile +++ b/catalog-fe/sdc-frontend/Dockerfile @@ -1,4 +1,4 @@ -FROM onap/integration-java11:8.0.0 +FROM onap/integration-java11:9.0.0 USER root ARG JETTY_FOLDER=/app/jetty @@ -12,12 +12,7 @@ RUN set -ex && \ ruby-dev \ libffi-dev \ libxml2-dev && \ - gem install \ - chef:13.8.5 \ - berkshelf:6.3.1 \ - io-console:0.4.6 \ - etc webrick \ - --no-document && \ + gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 etc webrick --no-document && \ gem cleanup && \ apk update @@ -31,7 +26,7 @@ RUN mkdir $JETTY_FOLDER && chown onap:onap $JETTY_FOLDER USER onap #Download jetty -RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.31.v20200723/jetty-distribution-9.4.31.v20200723.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ +RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.41.v20210516/jetty-distribution-9.4.41.v20210516.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ tar xvz -C $JETTY_FOLDER -f $JETTY_FOLDER/jetty.tar.gz --strip 1 && \ rm -rf $JETTY_FOLDER/jetty.tar.gz RUN sed -i 's/"jetty"/"onap"/g' $JETTY_FOLDER/etc/jetty-setuid.xml diff --git a/catalog-model/pom.xml b/catalog-model/pom.xml index 57d5e8b458..df4d054827 100644 --- a/catalog-model/pom.xml +++ b/catalog-model/pom.xml @@ -45,6 +45,10 @@ <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> </exclusions> </dependency> @@ -216,6 +220,10 @@ <groupId>dom4j</groupId> <artifactId>dom4j</artifactId> </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> </dependency> @@ -270,6 +278,10 @@ <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/common-app-api/pom.xml b/common-app-api/pom.xml index 8dbed601e5..e1640e5745 100644 --- a/common-app-api/pom.xml +++ b/common-app-api/pom.xml @@ -126,6 +126,12 @@ <artifactId>httpclient</artifactId> <version>${httpclient.version}</version> <scope>provided</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> @@ -277,7 +283,7 @@ <dependency> <groupId>org.jsoup</groupId> <artifactId>jsoup</artifactId> - <version>1.8.3</version> + <version>1.14.3</version> </dependency> <dependency> diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java b/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java index 82e1b924b6..a0403de8ff 100644 --- a/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java +++ b/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java @@ -33,7 +33,7 @@ import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.text.WordUtils; import org.apache.commons.validator.routines.UrlValidator; import org.jsoup.Jsoup; -import org.jsoup.safety.Whitelist; +import org.jsoup.safety.Safelist; public class ValidationUtils { @@ -117,6 +117,7 @@ public class ValidationUtils { public static final Integer POLICY_MAX_LENGTH = 1024; public static final Pattern POLICY_NAME_PATTERN = Pattern.compile("^[\\w][\\w \\.\\-\\_\\:\\+]{0," + (POLICY_MAX_LENGTH - 1) + "}$"); private static final Set<String> CATEGORY_CONJUNCTIONS = new HashSet<>(Arrays.asList("of", "to", "for", "as", "a", "an", "the")); + private ValidationUtils() { } @@ -262,7 +263,7 @@ public class ValidationUtils { } public static String removeHtmlTags(String str) { - return Jsoup.clean(str, Whitelist.none()); + return Jsoup.clean(str, Safelist.none()); } public static String removeAllTags(String htmlText) { diff --git a/common-be/pom.xml b/common-be/pom.xml index d84eec5c0c..dc8509f8d4 100644 --- a/common-be/pom.xml +++ b/common-be/pom.xml @@ -39,6 +39,10 @@ <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml b/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml index aed8547cbf..8b8ecdda80 100644 --- a/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml +++ b/common/onap-common-configuration-management/onap-configuration-management-api/pom.xml @@ -17,6 +17,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${httpclient.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> diff --git a/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml b/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml index cc29a3e6df..fb996a4525 100755 --- a/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml +++ b/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml @@ -89,7 +89,7 @@ <dependency> <groupId>io.github.classgraph</groupId> <artifactId>classgraph</artifactId> - <version>4.8.78</version> + <version>4.8.112</version> </dependency> <dependency> <groupId>com.virtlink.commons</groupId> @@ -117,6 +117,7 @@ <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> <scope>test</scope> </dependency> <dependency> diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml index d0eebdba5d..ad886c50f1 100644 --- a/integration-tests/pom.xml +++ b/integration-tests/pom.xml @@ -118,6 +118,16 @@ limitations under the License. <artifactId>extentreports</artifactId> <version>3.0.6</version> <scope>test</scope> + <exclusions> + <exclusion> + <groupId>org.jsoup</groupId> + <artifactId>jsoup</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpmime</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.janusgraph</groupId> @@ -157,6 +167,10 @@ limitations under the License. <groupId>dom4j</groupId> <artifactId>dom4j</artifactId> </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -187,6 +201,10 @@ limitations under the License. <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -258,6 +276,10 @@ limitations under the License. <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> </exclusion> + <exclusion> + <groupId>org.slf4j</groupId> + <artifactId>jcl-over-slf4j</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -271,6 +293,16 @@ limitations under the License. <artifactId>proxy-vole</artifactId> <version>1.0.2</version> <scope>test</scope> + <exclusions> + <exclusion> + <groupId>net.java.dev.jna</groupId> + <artifactId>jna</artifactId> + </exclusion> + <exclusion> + <groupId>net.java.dev.jna</groupId> + <artifactId>jna-platform</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>commons-net</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml index 8deb9c8ed4..081e2c9502 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml @@ -82,6 +82,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.httpcomponents</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml index 8336672b3f..dcdf931201 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml @@ -86,6 +86,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>javax.inject</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml index d2584124a6..0d6a2e605c 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/item-rest/item-rest-services/pom.xml @@ -32,6 +32,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>javax.inject</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml index 8765d6618c..76185540c6 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml @@ -178,6 +178,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.cxf</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/validation-rest/validation-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/validation-rest/validation-rest-services/pom.xml index 6a6977b89f..6df2adf80b 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/validation-rest/validation-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/validation-rest/validation-rest-services/pom.xml @@ -86,6 +86,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>javax.inject</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-services/pom.xml index 0a3a1b32b0..448d62bd64 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-license-rest/vendor-license-rest-services/pom.xml @@ -65,6 +65,12 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.httpcomponents</groupId> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/pom.xml index 49c4be2e4a..d111164697 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/pom.xml @@ -82,6 +82,17 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${http.client.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>${httpcore.version}</version> </dependency> <!-- Java Stuff --> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/pom.xml index 0ba0a9ceb0..181c28975c 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/pom.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vnf-repository-rest-services/pom.xml @@ -116,6 +116,7 @@ <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> <scope>test</scope> </dependency> <dependency> diff --git a/openecomp-be/backend/openecomp-sdc-security-util/pom.xml b/openecomp-be/backend/openecomp-sdc-security-util/pom.xml index 39c663269e..d3095b1db7 100644 --- a/openecomp-be/backend/openecomp-sdc-security-util/pom.xml +++ b/openecomp-be/backend/openecomp-sdc-security-util/pom.xml @@ -23,6 +23,12 @@ <groupId>org.apache.commons</groupId> <artifactId>commons-crypto</artifactId> <version>1.0.0</version> + <exclusions> + <exclusion> + <groupId>net.java.dev.jna</groupId> + <artifactId>jna</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile index c3f3a757ac..f8d33d0248 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile @@ -1,4 +1,4 @@ -FROM onap/integration-java11:8.0.0 +FROM onap/integration-java11:9.0.0 USER root ARG JETTY_FOLDER=/app/jetty @@ -13,12 +13,7 @@ RUN set -ex && \ libffi-dev \ libxml2-dev \ libressl-dev && \ - gem install \ - chef:13.8.5 \ - berkshelf:6.3.1 \ - io-console:0.4.6 \ - etc webrick \ - --no-document && \ + gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 etc webrick --no-document && \ gem cleanup && \ apk update @@ -32,12 +27,11 @@ RUN mkdir $JETTY_FOLDER && chown onap:onap $JETTY_FOLDER USER onap #Download jetty -RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.31.v20200723/jetty-distribution-9.4.31.v20200723.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ +RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.41.v20210516/jetty-distribution-9.4.41.v20210516.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ tar xvz -C $JETTY_FOLDER -f $JETTY_FOLDER/jetty.tar.gz --strip 1 && \ rm -rf $JETTY_FOLDER/jetty.tar.gz RUN sed -i 's/"jetty"/"onap"/g' $JETTY_FOLDER/etc/jetty-setuid.xml - COPY --chown=onap:onap chef-solo $JETTY_FOLDER/chef-solo/ COPY --chown=onap:onap chef-repo/cookbooks $JETTY_FOLDER/chef-solo/cookbooks/ ADD --chown=onap:onap onboarding-be-*.war $JETTY_FOLDER/webapps/ diff --git a/openecomp-be/dist/sdc-onboard-db-init-docker/artifacts/Dockerfile b/openecomp-be/dist/sdc-onboard-db-init-docker/artifacts/Dockerfile index af87d3db34..a30cb461d1 100644 --- a/openecomp-be/dist/sdc-onboard-db-init-docker/artifacts/Dockerfile +++ b/openecomp-be/dist/sdc-onboard-db-init-docker/artifacts/Dockerfile @@ -1,8 +1,6 @@ -FROM onap/policy-jdk-debian:2.0.1 +FROM onap/policy-jdk-debian:2.0.2 -#RUN addgroup --gid 1000 sdc RUN addgroup sdc -#RUN adduser --gecos "sdc sdc,1,1,1" -u 1000 --disabled-password --ingroup sdc --shell /bin/sh sdc RUN adduser --gecos "sdc sdc,1,1,1" --disabled-password --ingroup sdc --shell /bin/sh sdc USER sdc RUN mkdir ~/.cassandra/ && \ @@ -11,11 +9,13 @@ RUN mkdir ~/.cassandra/ && \ USER root RUN apt-get update --allow-releaseinfo-change && apt-get install -y python-pip && \ + python -m pip install --upgrade pip \ pip install cqlsh && \ mkdir ~/.cassandra/ && \ echo '[cql]' > ~/.cassandra/cqlshrc && \ echo 'version=3.4.4' >> ~/.cassandra/cqlshrc && \ set -ex && \ + python -m pip install --upgrade pip \ pip install cqlsh && \ apt-get install -y \ make \ diff --git a/openecomp-be/lib/openecomp-common-lib/pom.xml b/openecomp-be/lib/openecomp-common-lib/pom.xml index e880b547c7..3cd75a20b3 100644 --- a/openecomp-be/lib/openecomp-common-lib/pom.xml +++ b/openecomp-be/lib/openecomp-common-lib/pom.xml @@ -33,6 +33,7 @@ <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> <scope>runtime</scope> </dependency> <dependency> diff --git a/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml b/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml index 7569267c1a..d8f28d83f8 100644 --- a/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml +++ b/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml @@ -98,6 +98,12 @@ <artifactId>common-app-api</artifactId> <version>${project.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> </dependencies> diff --git a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml index ef2a9d170c..033fb31fad 100644 --- a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml +++ b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-core/pom.xml @@ -26,6 +26,7 @@ <dependency> <groupId>ch.qos.logback</groupId> <artifactId>logback-classic</artifactId> + <version>${logback.version}</version> <scope>provided</scope> </dependency> </dependencies> diff --git a/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-websocket/pom.xml b/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-websocket/pom.xml index a5e1eae19e..475ce54d49 100644 --- a/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-websocket/pom.xml +++ b/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-websocket/pom.xml @@ -36,7 +36,7 @@ <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> - <version>2.3.1</version> + <version>${gson.version}</version> </dependency> <dependency> <groupId>org.springframework</groupId> diff --git a/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-worker/pom.xml b/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-worker/pom.xml index af981b3d3b..3935875d0e 100644 --- a/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-worker/pom.xml +++ b/openecomp-be/lib/openecomp-sdc-notification-lib/openecomp-sdc-notification-worker/pom.xml @@ -62,6 +62,12 @@ <artifactId>httpclient</artifactId> <version>${http.client.version}</version> <scope>provided</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.httpcomponents</groupId> diff --git a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml index af26b68ec2..e10a9698fd 100644 --- a/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml +++ b/openecomp-be/lib/openecomp-sdc-validation-lib/openecomp-sdc-validation-impl/pom.xml @@ -99,6 +99,12 @@ <artifactId>httpmime</artifactId> <version>${httpclient.version}</version> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> </dependency> </dependencies> @@ -100,7 +100,7 @@ Modifications copyright (c) 2018-2019 Nokia <!-- Logging start --> <!-- logback --> - <logback.version>1.2.3</logback.version> + <logback.version>1.2.7</logback.version> <slf4j-api.version>1.7.25</slf4j-api.version> <commons-codec>1.15</commons-codec> <commons-logging>1.2</commons-logging> @@ -120,7 +120,7 @@ Modifications copyright (c) 2018-2019 Nokia <regex.version>3.0.3</regex.version> <!--GSON--> - <gson.version>2.3.1</gson.version> + <gson.version>2.8.9</gson.version> <!--listen to file changes--> <commons-jci-core.version>1.1</commons-jci-core.version> diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml index e9801c9402..7f1db049a6 100644 --- a/utils/webseal-simulator/pom.xml +++ b/utils/webseal-simulator/pom.xml @@ -32,8 +32,18 @@ <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> <version>${httpclient.version}</version> + <exclusions> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>${httpcore.version}</version> </dependency> - <dependency> <groupId>commons-logging</groupId> diff --git a/utils/webseal-simulator/sdc-simulator/Dockerfile b/utils/webseal-simulator/sdc-simulator/Dockerfile index 31af19e8be..4c5e0ba319 100644 --- a/utils/webseal-simulator/sdc-simulator/Dockerfile +++ b/utils/webseal-simulator/sdc-simulator/Dockerfile @@ -1,4 +1,4 @@ -FROM onap/integration-java11:8.0.0 +FROM onap/integration-java11:9.0.0 USER root ARG JETTY_FOLDER=/app/jetty @@ -12,12 +12,7 @@ RUN set -ex && \ ruby-dev \ libffi-dev \ libxml2-dev && \ - gem install \ - chef:13.8.5 \ - berkshelf:6.3.1 \ - io-console:0.4.6 \ - etc webrick \ - --no-document && \ + gem install chef:13.8.5 berkshelf:6.3.1 io-console:0.4.6 etc webrick --no-document && \ gem cleanup && \ apk update @@ -31,7 +26,7 @@ RUN mkdir $JETTY_FOLDER && chown onap:onap $JETTY_FOLDER USER onap #Download jetty -RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.31.v20200723/jetty-distribution-9.4.31.v20200723.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ +RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.41.v20210516/jetty-distribution-9.4.41.v20210516.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ tar xvz -C $JETTY_FOLDER -f $JETTY_FOLDER/jetty.tar.gz --strip 1 && \ rm -rf $JETTY_FOLDER/jetty.tar.gz RUN sed -i 's/"jetty"/"onap"/g' $JETTY_FOLDER/etc/jetty-setuid.xml |