Upgrade dependencies in drools-pdp for IQ issues
IQ reports identified a couple of vulnerabilities in various
dependencies. Upgraded to the latest version of them per SECCOM.
Issue-ID: POLICY-3005
Change-Id: I52f1137bfaeee0d715ee438b69e98f2d06849d38
Signed-off-by: Jim Hahn <jrh3@att.com>
diff --git a/feature-distributed-locking/pom.xml b/feature-distributed-locking/pom.xml
index 93c7af8..78866df 100644
--- a/feature-distributed-locking/pom.xml
+++ b/feature-distributed-locking/pom.xml
@@ -2,7 +2,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine - Drools PDP
================================================================================
- Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2018-2021 AT&T Intellectual Property. All rights reserved.
Modifications Copyright (C) 2020 Nordix Foundation.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
@@ -100,7 +100,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-dbcp2</artifactId>
- <version>2.7.0</version>
+ <version>2.8.0</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
diff --git a/feature-session-persistence/pom.xml b/feature-session-persistence/pom.xml
index a193145..098082b 100644
--- a/feature-session-persistence/pom.xml
+++ b/feature-session-persistence/pom.xml
@@ -150,7 +150,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-dbcp2</artifactId>
- <version>2.7.0</version>
+ <version>2.8.0</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
diff --git a/policy-core/pom.xml b/policy-core/pom.xml
index 6058f8b..f22da24 100644
--- a/policy-core/pom.xml
+++ b/policy-core/pom.xml
@@ -46,7 +46,7 @@
<dependency>
<groupId>org.apache.ant</groupId>
<artifactId>ant</artifactId>
- <version>1.10.8</version>
+ <version>1.10.9</version>
</dependency>
<dependency>
diff --git a/pom.xml b/pom.xml
index 0d35039..90da2c9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
============LICENSE_START=======================================================
ONAP Policy Engine - Drools PDP
================================================================================
- Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved.
+ Copyright (C) 2017-2021 AT&T Intellectual Property. All rights reserved.
Modifications Copyright (C) 2020 Nordix Foundation.
================================================================================
Licensed under the Apache License, Version 2.0 (the "License");
@@ -48,7 +48,7 @@
<!-- Project common dependency versions -->
<json.path.version>2.4.0</json.path.version>
- <hibernate.core.version>5.4.18.Final</hibernate.core.version>
+ <hibernate.core.version>5.4.28.Final</hibernate.core.version>
<hibernate.commons.annotations.version>5.0.1.Final</hibernate.commons.annotations.version>
<xml.apis.version>1.4.01</xml.apis.version>
<policy.common.version>1.8.0-SNAPSHOT</policy.common.version>