From 94130e891b64ceae436a5c066c28356fb6b98793 Mon Sep 17 00:00:00 2001 From: Byung-Woo Jun Date: Tue, 13 Mar 2018 09:34:02 -0400 Subject: Fix the vulnerability issue Upgrade vulnerable jars with jars without vulnerability Change-Id: I5cd9073a04db79e173fdd3b85e4712a1cf177531 Issue-ID: SO-458 Signed-off-by: byungwoojun --- openstack-client-connectors/http-connector/pom.xml | 9 ++++++++- openstack-client-connectors/resteasy-connector/pom.xml | 15 ++++++++++++++- .../com/woorea/openstack/connector/RESTEasyConnector.java | 4 +++- 3 files changed, 25 insertions(+), 3 deletions(-) diff --git a/openstack-client-connectors/http-connector/pom.xml b/openstack-client-connectors/http-connector/pom.xml index 3e29591..d351f68 100644 --- a/openstack-client-connectors/http-connector/pom.xml +++ b/openstack-client-connectors/http-connector/pom.xml @@ -14,8 +14,15 @@ org.apache.httpcomponents httpclient - 4.3.5 + + 4.5.5 + + + org.apache.httpcomponents + httpcore + 4.4.4 + org.codehaus.jackson jackson-mapper-asl diff --git a/openstack-client-connectors/resteasy-connector/pom.xml b/openstack-client-connectors/resteasy-connector/pom.xml index 09e85c3..67a219d 100644 --- a/openstack-client-connectors/resteasy-connector/pom.xml +++ b/openstack-client-connectors/resteasy-connector/pom.xml @@ -13,18 +13,31 @@ org.jboss.resteasy resteasy-jaxrs - 2.3.2.Final + + 3.5.0.Final org.codehaus.jackson jackson-jaxrs 1.9.4 + + + org.apache.httpcomponents + httpclient + 4.5.5 + + + org.apache.httpcomponents + httpcore + 4.4.4 + \ No newline at end of file diff --git a/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java b/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java index 58c11e1..e613ad2 100644 --- a/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java +++ b/openstack-client-connectors/resteasy-connector/src/main/java/com/woorea/openstack/connector/RESTEasyConnector.java @@ -23,7 +23,9 @@ import java.util.Map.Entry; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.ext.ContextResolver; -import org.apache.commons.httpclient.HttpStatus; +// bwj: changed the HttpStatus package +//import org.apache.commons.httpclient.HttpStatus; +import org.apache.http.HttpStatus; import org.codehaus.jackson.jaxrs.JacksonJsonProvider; import org.codehaus.jackson.map.DeserializationConfig; import org.codehaus.jackson.map.ObjectMapper; -- cgit 1.2.3-korg