diff options
author | Byung-Woo Jun <byung-woo.jun@ericsson.com> | 2018-03-13 09:34:02 -0400 |
---|---|---|
committer | Byung-Woo Jun <byung-woo.jun@ericsson.com> | 2018-03-13 09:34:02 -0400 |
commit | 94130e891b64ceae436a5c066c28356fb6b98793 (patch) | |
tree | 98f12dcb3b435a932a40662749ad91f393ddad36 | |
parent | 46173b499aae8546afe19c010e887aad5bb981dd (diff) |
Fix the vulnerability issue
Upgrade vulnerable jars with jars without vulnerability
Change-Id: I5cd9073a04db79e173fdd3b85e4712a1cf177531
Issue-ID: SO-458
Signed-off-by: byungwoojun<byung-woo.jun@ericsson.com>
3 files changed, 25 insertions, 3 deletions
diff --git a/openstack-client-connectors/http-connector/pom.xml b/openstack-client-connectors/http-connector/pom.xml index 3e29591..d351f68 100644 --- a/openstack-client-connectors/http-connector/pom.xml +++ b/openstack-client-connectors/http-connector/pom.xml @@ -14,8 +14,15 @@ <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> - <version>4.3.5</version> + <!-- <version>4.3.5</version>--> + <version>4.5.5</version> </dependency> + <!-- bwj: added httpcore --> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>4.4.4</version> + </dependency> <dependency> <groupId>org.codehaus.jackson</groupId> <artifactId>jackson-mapper-asl</artifactId> diff --git a/openstack-client-connectors/resteasy-connector/pom.xml b/openstack-client-connectors/resteasy-connector/pom.xml index 09e85c3..67a219d 100644 --- a/openstack-client-connectors/resteasy-connector/pom.xml +++ b/openstack-client-connectors/resteasy-connector/pom.xml @@ -13,18 +13,31 @@ <dependency> <groupId>org.jboss.resteasy</groupId> <artifactId>resteasy-jaxrs</artifactId> - <version>2.3.2.Final</version> + <!-- replaced with 3.5.0.Final <version>2.3.2.Final</version> --> + <version>3.5.0.Final</version> </dependency> <dependency> <groupId>org.codehaus.jackson</groupId> <artifactId>jackson-jaxrs</artifactId> <version>1.9.4</version> </dependency> + <!-- replaced with httpclient and httpcore <dependency> <groupId>commons-httpclient</groupId> <artifactId>commons-httpclient</artifactId> <version>3.1</version> </dependency> + --> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>4.5.5</version> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>4.4.4</version> + </dependency> </dependencies> </project>
\ No newline at end of file diff --git a/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java b/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java index 58c11e1..e613ad2 100644 --- a/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java +++ b/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java @@ -23,7 +23,9 @@ import java.util.Map.Entry; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.ext.ContextResolver; -import org.apache.commons.httpclient.HttpStatus; +// bwj: changed the HttpStatus package +//import org.apache.commons.httpclient.HttpStatus; +import org.apache.http.HttpStatus; import org.codehaus.jackson.jaxrs.JacksonJsonProvider; import org.codehaus.jackson.map.DeserializationConfig; import org.codehaus.jackson.map.ObjectMapper; |