summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorByung-Woo Jun <byung-woo.jun@ericsson.com>2018-03-13 09:34:02 -0400
committerByung-Woo Jun <byung-woo.jun@ericsson.com>2018-03-13 09:34:02 -0400
commit94130e891b64ceae436a5c066c28356fb6b98793 (patch)
tree98f12dcb3b435a932a40662749ad91f393ddad36
parent46173b499aae8546afe19c010e887aad5bb981dd (diff)
Fix the vulnerability issue
Upgrade vulnerable jars with jars without vulnerability Change-Id: I5cd9073a04db79e173fdd3b85e4712a1cf177531 Issue-ID: SO-458 Signed-off-by: byungwoojun<byung-woo.jun@ericsson.com>
-rw-r--r--openstack-client-connectors/http-connector/pom.xml9
-rw-r--r--openstack-client-connectors/resteasy-connector/pom.xml15
-rw-r--r--openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java4
3 files changed, 25 insertions, 3 deletions
diff --git a/openstack-client-connectors/http-connector/pom.xml b/openstack-client-connectors/http-connector/pom.xml
index 3e29591..d351f68 100644
--- a/openstack-client-connectors/http-connector/pom.xml
+++ b/openstack-client-connectors/http-connector/pom.xml
@@ -14,8 +14,15 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.3.5</version>
+ <!-- <version>4.3.5</version>-->
+ <version>4.5.5</version>
</dependency>
+ <!-- bwj: added httpcore -->
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ <version>4.4.4</version>
+ </dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
diff --git a/openstack-client-connectors/resteasy-connector/pom.xml b/openstack-client-connectors/resteasy-connector/pom.xml
index 09e85c3..67a219d 100644
--- a/openstack-client-connectors/resteasy-connector/pom.xml
+++ b/openstack-client-connectors/resteasy-connector/pom.xml
@@ -13,18 +13,31 @@
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxrs</artifactId>
- <version>2.3.2.Final</version>
+ <!-- replaced with 3.5.0.Final <version>2.3.2.Final</version> -->
+ <version>3.5.0.Final</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-jaxrs</artifactId>
<version>1.9.4</version>
</dependency>
+ <!-- replaced with httpclient and httpcore
<dependency>
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
<version>3.1</version>
</dependency>
+ -->
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>4.5.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ <version>4.4.4</version>
+ </dependency>
</dependencies>
</project> \ No newline at end of file
diff --git a/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java b/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java
index 58c11e1..e613ad2 100644
--- a/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java
+++ b/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java
@@ -23,7 +23,9 @@ import java.util.Map.Entry;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.ext.ContextResolver;
-import org.apache.commons.httpclient.HttpStatus;
+// bwj: changed the HttpStatus package
+//import org.apache.commons.httpclient.HttpStatus;
+import org.apache.http.HttpStatus;
import org.codehaus.jackson.jaxrs.JacksonJsonProvider;
import org.codehaus.jackson.map.DeserializationConfig;
import org.codehaus.jackson.map.ObjectMapper;