From 94130e891b64ceae436a5c066c28356fb6b98793 Mon Sep 17 00:00:00 2001
From: Byung-Woo Jun <byung-woo.jun@ericsson.com>
Date: Tue, 13 Mar 2018 09:34:02 -0400
Subject: Fix the vulnerability issue

Upgrade vulnerable jars with jars without vulnerability

Change-Id: I5cd9073a04db79e173fdd3b85e4712a1cf177531
Issue-ID: SO-458
Signed-off-by: byungwoojun<byung-woo.jun@ericsson.com>
---
 openstack-client-connectors/http-connector/pom.xml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'openstack-client-connectors/http-connector')

diff --git a/openstack-client-connectors/http-connector/pom.xml b/openstack-client-connectors/http-connector/pom.xml
index 3e29591..d351f68 100644
--- a/openstack-client-connectors/http-connector/pom.xml
+++ b/openstack-client-connectors/http-connector/pom.xml
@@ -14,8 +14,15 @@
 	<dependency>
   		<groupId>org.apache.httpcomponents</groupId>
   		<artifactId>httpclient</artifactId>
-  		<version>4.3.5</version>
+  		<!-- <version>4.3.5</version>-->
+			<version>4.5.5</version>
   	</dependency>
+	<!-- bwj: added httpcore -->
+	<dependency>
+		<groupId>org.apache.httpcomponents</groupId>
+		<artifactId>httpcore</artifactId>
+		<version>4.4.4</version>
+	</dependency>
 	<dependency>
   		<groupId>org.codehaus.jackson</groupId>
   		<artifactId>jackson-mapper-asl</artifactId>
-- 
cgit 1.2.3-korg