summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRob Daugherty <rd472p@att.com>2018-03-20 16:38:15 -0400
committerRob Daugherty <rd472p@att.com>2018-03-20 16:39:00 -0400
commitd413cf3266aa38b3a9c5bf37ce30c3de68b3ad55 (patch)
tree4bb96bf2cd6fe2141b47c678090fbcf1a2f83f38
parentf0261ef5d032d604cc553593ce694b73f6f179b3 (diff)
NexusIQ security violation - httpclient
Violation in: org.apache-httpcomponents : httpclient : 4.4.1, 4.3.1, 4.3.3, 4.5, 4.5.2 Fix: Upgrade httpclient to 4.5.5 and httpcore to 4.4.4 Change-Id: I438214d7ee866dd95ffb6bcbc47999b95f200bec Issue-ID: SO-507 Signed-off-by: Rob Daugherty <rd472p@att.com>
-rw-r--r--openstack-client-connectors/http-connector/pom.xml5
-rw-r--r--openstack-client-connectors/resteasy-connector/pom.xml4
-rw-r--r--pom.xml12
3 files changed, 14 insertions, 7 deletions
diff --git a/openstack-client-connectors/http-connector/pom.xml b/openstack-client-connectors/http-connector/pom.xml
index d351f68..bd1d81f 100644
--- a/openstack-client-connectors/http-connector/pom.xml
+++ b/openstack-client-connectors/http-connector/pom.xml
@@ -14,14 +14,11 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <!-- <version>4.3.5</version>-->
- <version>4.5.5</version>
</dependency>
<!-- bwj: added httpcore -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
- <version>4.4.4</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
@@ -35,4 +32,4 @@
</dependency>
</dependencies>
-</project> \ No newline at end of file
+</project>
diff --git a/openstack-client-connectors/resteasy-connector/pom.xml b/openstack-client-connectors/resteasy-connector/pom.xml
index 67a219d..958f927 100644
--- a/openstack-client-connectors/resteasy-connector/pom.xml
+++ b/openstack-client-connectors/resteasy-connector/pom.xml
@@ -31,13 +31,11 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.5.5</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
- <version>4.4.4</version>
</dependency>
</dependencies>
-</project> \ No newline at end of file
+</project>
diff --git a/pom.xml b/pom.xml
index 71c486f..de300f9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -81,6 +81,18 @@
<dependencyManagement>
<dependencies>
<dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>4.5.5</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ <version>4.4.4</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>