Gitiles
Code Review Sign In
gerrit.nordix.org / onap / ccsdk / parent / aa7c2484c692878d24753fe462069e94f6c3291b
commitaa7c2484c692878d24753fe462069e94f6c3291b[log] [tgz]
authorRehanRaza <muhammad.rehan.raza@est.tech>Wed Jan 27 16:09:19 2021 +0100
committerDan Timoney <dtimoney@att.com>Wed Jan 27 19:18:54 2021 +0000
treea09e2d131723dea1df21693c350f8d277ec439b6
parentb6288f99fbfcc73f115511696f98111ca32b8d2f [diff]
Upgrade jackson version in dependencies-bom

Upgrade jackson to 2.11.4, the same version used by springboot 2.3.8.RELEASE which is the version currently used in ccsdk/parent's springboot pom.
This is intended to fix the following security vulnerability:

Component(displayName=com.fasterxml.jackson.core : jackson-databind : 2.10.1, hash=18eee15ffc662d27538d) [
Constraint(Critical security vulnerability)
[Security Vulnerability Severity >= 7 because: Found security vulnerability CVE-2020-25649 with severity >= 7 (severity = 7.5)] ]]

Change-Id: I0d1727296ac3c3227e5e5666a796b08a63a61aaa
Issue-ID: CCSDK-3108
Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>
1 file changed
tree: a09e2d131723dea1df21693c350f8d277ec439b6
  1. dependencies-bom/
  2. dependencies-odl-bom/
  3. docs/
  4. installed-odl-bom/
  5. odlparent/
  6. oparent/
  7. releases/
  8. springboot/
  9. standalone/
  10. tools/
  11. .gitignore
  12. INFO.yaml
  13. pom.xml
  14. Readme.MD
  15. version.properties
Readme.MD

!!!!! PLEASE READ !!!!!

The actual parent poms are being generated from below two pom-template

ODL related parent poms:

ccsdk/parent/odlparent/setup/src/main/template/pom-template.xml

Springboot related parent poms:

ccsdk/parent/springboot/spring-boot-setup/src/main/template/pom-template.xml

Note:

Any updates needed should be made to respective template and not to the generated pom.xml file/files.

Every parent pom has associated properties files (src/main/properties).
Setup module will read those properties and populate respective values within generated pom.xml