Fix library CVEs in SO

Fix additional CVEs: commons-fileupload 1.3.3 For CVE-2016-1000031 logback 1.1.11 For CVE-2017-5929 springframework 4.3.14.RELEASE For CVE-2014-0225 CVE-2015-5211 Issue-ID: SO-579 Change-Id: I94f8332d420d2586262260a0a59a645f0de66b73 Signed-off-by: chenying83 <chenying83@huawei.com>
author: chenying83 <chenying83@huawei.com> 2018-04-26 08:20:10 +0000
committer: chenying83 <chenying83@huawei.com> 2018-04-26 08:20:10 +0000
commit: 98e3f70497d2cdde07bb03a57fdd2ebdf3208882 (patch)
tree: ce2d6f0dbff4f98e0a3612c05edbdab2ec0752c8 /pom.xml
parent: efdfc40f759c70b9ab2ac7e23de42c7d211fde79 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/pom.xml b/pom.xml
index ed64d08b70..73286d651c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -529,6 +529,24 @@
       <version>${resteasy.version}</version>
       <scope>test</scope>
     </dependency>
+    <!-- For CVE-2016-1000031 -->
+    <dependency>
+      <groupId>commons-fileupload</groupId>
+      <artifactId>commons-fileupload</artifactId>
+      <version>1.3.3</version>
+    </dependency>
+    <!-- For CVE-2017-5929 -->
+    <dependency>
+      <groupId>ch.qos.logback</groupId>
+      <artifactId>logback-core</artifactId>
+      <version>1.1.11</version>
+    </dependency>
+    <!-- For CVE-2014-0225 CVE-2015-5211 -->
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-core</artifactId>
+      <version>4.3.14.RELEASE</version>
+    </dependency>
   </dependencies>
   <dependencyManagement>
     <dependencies>
author	chenying83 <chenying83@huawei.com>	2018-04-26 08:20:10 +0000
committer	chenying83 <chenying83@huawei.com>	2018-04-26 08:20:10 +0000
commit	98e3f70497d2cdde07bb03a57fdd2ebdf3208882 (patch)
tree	ce2d6f0dbff4f98e0a3612c05edbdab2ec0752c8 /pom.xml
parent	efdfc40f759c70b9ab2ac7e23de42c7d211fde79 (diff)