fixing common-collection 3.2.1 security issue
changed pom.xml and features.xml to keep common-collection to 3.2.2
Change-Id: I3ccd44d61f2e58edae9de6d7042cdb752bbd73cb
Issue-ID: APPC-1018
Signed-off-by: Taka Cho <tc012c@att.com>
diff --git a/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml b/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml
index 5bbdf69..7b7d4d3 100644
--- a/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml
+++ b/appc-adapters/appc-chef-adapter/appc-chef-adapter-features/features-appc-chef-adapter/pom.xml
@@ -43,6 +43,10 @@
<type>xml</type>
<classifier>features</classifier>
</dependency>
-
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcprov-jdk15on</artifactId>
+ <version>1.60</version>
+ </dependency>
</dependencies>
</project>
diff --git a/appc-config/appc-config-params/features/src/main/resources/features.xml b/appc-config/appc-config-params/features/src/main/resources/features.xml
index 0e817c3..757a1fc 100644
--- a/appc-config/appc-config-params/features/src/main/resources/features.xml
+++ b/appc-config/appc-config-params/features/src/main/resources/features.xml
@@ -36,7 +36,7 @@
<feature>ccsdk-sli</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<!-- <bundle>wrap:mvn:org.onap.appc/appc-yang-generator/${project.version}</bundle> -->
<bundle>wrap:mvn:org.openecomp.sdc.common/openecomp-tosca-datatype/${tosca.datatype.version}</bundle>
diff --git a/appc-config/appc-encryption-tool/features/src/main/resources/features.xml b/appc-config/appc-encryption-tool/features/src/main/resources/features.xml
index b465669..a88ef3e 100644
--- a/appc-config/appc-encryption-tool/features/src/main/resources/features.xml
+++ b/appc-config/appc-encryption-tool/features/src/main/resources/features.xml
@@ -37,7 +37,7 @@
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
<bundle>mvn:org.apache.velocity/velocity/${velocity.version}</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>mvn:org.onap.appc/appc-config-encryption-tool-provider/${project.version}</bundle>
</feature>
</features>
diff --git a/appc-config/appc-flow-controller/features/src/main/resources/features.xml b/appc-config/appc-flow-controller/features/src/main/resources/features.xml
index 2ab6ba2..424abd8 100644
--- a/appc-config/appc-flow-controller/features/src/main/resources/features.xml
+++ b/appc-config/appc-flow-controller/features/src/main/resources/features.xml
@@ -33,7 +33,7 @@
<feature>ccsdk-sli</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>mvn:org.onap.appc/appc-config-flow-controller-provider/${project.version}</bundle>
</feature>
diff --git a/appc-config/pom.xml b/appc-config/pom.xml
index a70a355..0c8165c 100644
--- a/appc-config/pom.xml
+++ b/appc-config/pom.xml
@@ -38,7 +38,7 @@
<snakeyaml.version>1.12</snakeyaml.version>
<velocity.version>1.7</velocity.version>
<jettison.version>1.3.7</jettison.version>
- <common.collections.version>3.2.1</common.collections.version>
+ <common.collections.version>3.2.2</common.collections.version>
<common.io.version>2.5</common.io.version>
<tosca.datatype.version>1.1.0</tosca.datatype.version>
diff --git a/appc-outbound/appc-aai-client/features/src/main/resources/features.xml b/appc-outbound/appc-aai-client/features/src/main/resources/features.xml
index 1043da2..6a8826d 100644
--- a/appc-outbound/appc-aai-client/features/src/main/resources/features.xml
+++ b/appc-outbound/appc-aai-client/features/src/main/resources/features.xml
@@ -39,7 +39,7 @@
<feature>ccsdk-aai-service</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
<!-- <bundle>mvn:org.apache.velocity/velocity/${velocity.version}</bundle> -->
- <bundle>mvn:commons-collections/commons-collections/3.2.1</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>mvn:org.onap.appc/appc-aai-client-provider/${project.version}</bundle>
</feature>
</features>
diff --git a/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml b/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml
index 276a275..0effc0d 100644
--- a/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml
+++ b/appc-outbound/appc-network-inventory-client/features/src/main/resources/features.xml
@@ -36,7 +36,7 @@
<feature>ccsdk-sli</feature>
<bundle>mvn:commons-lang/commons-lang/2.6</bundle>
- <bundle>mvn:commons-collections/commons-collections/${common.collections.version}</bundle>
+ <bundle>mvn:commons-collections/commons-collections/3.2.2</bundle>
<bundle>wrap:mvn:com.att.eelf/eelf-core/${eelf.version}</bundle>
<bundle>mvn:com.sun.jersey/jersey-client/1.17</bundle>
<bundle>mvn:ch.qos.logback/logback-core/${logback.version}</bundle>
diff --git a/appc-parent/single-feature-parent/pom.xml b/appc-parent/single-feature-parent/pom.xml
index fb3a344..ee2c582 100644
--- a/appc-parent/single-feature-parent/pom.xml
+++ b/appc-parent/single-feature-parent/pom.xml
@@ -37,7 +37,7 @@
<properties>
<skip.karaf.featureTest>true</skip.karaf.featureTest>
- <commons.collections.version>3.2.1</commons.collections.version>
+ <commons.collections.version>3.2.2</commons.collections.version>
<snakeyaml.version>1.12</snakeyaml.version>
<tosca.datatype.version>1.1.0</tosca.datatype.version>
<velocity.version>1.7</velocity.version>
diff --git a/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml b/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml
index 77390a0..91bb687 100644
--- a/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml
+++ b/appc-sequence-generator/appc-sequence-generator-bundle/pom.xml
@@ -200,7 +200,18 @@
<groupId>org.apache.velocity</groupId>
<artifactId>velocity</artifactId>
<version>1.7</version>
- </dependency>
+ <exclusions>
+ <exclusion>
+ <artifactId>commons-collections</artifactId>
+ <groupId>commons-collections</groupId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>3.2.2</version>
+ </dependency>
<dependency>
<groupId>org.onap.ccsdk.sli.adaptors</groupId>
<artifactId>sql-resource-provider</artifactId>