From 0e9742f33076348a98dcff8190091b2a89cd327f Mon Sep 17 00:00:00 2001 From: Tal Gitelman Date: Thu, 13 Sep 2018 20:28:32 +0300 Subject: fix security vilation CVE-2018-1000134 Change-Id: Id93a27648c622460db2e86689b64bfa7dc425ef4 Issue-ID: SDC-1726 Signed-off-by: Tal Gitelman --- asdctool/pom.xml | 7 ------- catalog-be/pom.xml | 6 ------ catalog-dao/pom.xml | 7 ------- .../main/java/org/openecomp/sdc/be/dao/es/ElasticSearchClient.java | 3 +-- openecomp-ui/yarn.lock | 6 +++--- 5 files changed, 4 insertions(+), 25 deletions(-) diff --git a/asdctool/pom.xml b/asdctool/pom.xml index e1feb7f630..73fbf08d5c 100644 --- a/asdctool/pom.xml +++ b/asdctool/pom.xml @@ -434,13 +434,6 @@ compile - - org.elasticsearch.plugin - shield - ${elastic-search.version} - compile - - com.datastax.cassandra diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml index a375c6ae3a..c50a78ec35 100644 --- a/catalog-be/pom.xml +++ b/catalog-be/pom.xml @@ -370,12 +370,6 @@ compile - - org.elasticsearch.plugin - shield - ${elastic-search.version} - compile - org.functionaljava diff --git a/catalog-dao/pom.xml b/catalog-dao/pom.xml index 2a2e02ae81..940047db9f 100644 --- a/catalog-dao/pom.xml +++ b/catalog-dao/pom.xml @@ -62,13 +62,6 @@ Modifications copyright (c) 2018 Nokia provided - - org.elasticsearch.plugin - shield - ${elastic-search.version} - provided - - org.springframework diff --git a/catalog-dao/src/main/java/org/openecomp/sdc/be/dao/es/ElasticSearchClient.java b/catalog-dao/src/main/java/org/openecomp/sdc/be/dao/es/ElasticSearchClient.java index 47ce679c29..1547d01ac2 100644 --- a/catalog-dao/src/main/java/org/openecomp/sdc/be/dao/es/ElasticSearchClient.java +++ b/catalog-dao/src/main/java/org/openecomp/sdc/be/dao/es/ElasticSearchClient.java @@ -27,7 +27,6 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.transport.InetSocketTransportAddress; import org.elasticsearch.node.Node; import org.elasticsearch.node.NodeBuilder; -import org.elasticsearch.shield.ShieldPlugin; import org.openecomp.sdc.common.log.wrappers.Logger; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; @@ -99,7 +98,7 @@ public class ElasticSearchClient { } if (isTransportClient()) { log.info("******* ElasticSearchClient type is Transport Client *****"); - TransportClient transportClient = TransportClient.builder().addPlugin(ShieldPlugin.class).settings(settings) + TransportClient transportClient = TransportClient.builder().settings(settings) .build(); String[] nodesArray = transportClient.settings().getAsArray("transport.client.initial_nodes"); diff --git a/openecomp-ui/yarn.lock b/openecomp-ui/yarn.lock index e3dd7fab33..e7eee7ed02 100644 --- a/openecomp-ui/yarn.lock +++ b/openecomp-ui/yarn.lock @@ -9286,9 +9286,9 @@ scss-tokenizer@^0.2.3: js-base64 "^2.1.8" source-map "^0.4.2" -sdc-ui@1.6.57: - version "1.6.57" - resolved "https://registry.yarnpkg.com/sdc-ui/-/sdc-ui-1.6.57.tgz#9250faa279163e13f36bb91c835b8fe78f77ebaf" +sdc-ui@1.6.58: + version "1.6.58" + resolved "https://registry.yarnpkg.com/sdc-ui/-/sdc-ui-1.6.58.tgz#5cc709dbc21a7d3bcb3b82e044aaaa92142b2032" dependencies: "@angular/common" "~2.4.8" "@angular/core" "~2.4.8" -- cgit 1.2.3-korg