Gitiles
Code Review Sign In
gerrit.nordix.org / onap / vid / 628750abb90133686198187b9cb679f2403d8c5f^! / . / epsdk-app-onap / pom.xml
commit628750abb90133686198187b9cb679f2403d8c5f[log] [tgz]
authorSonsino, Ofir (os0695) <os0695@intl.att.com>Wed Mar 21 19:09:20 2018 +0200
committerSonsino, Ofir (os0695) <os0695@intl.att.com>Wed Mar 21 19:09:20 2018 +0200
treebab0d2cb966df35899e8ee28dcb9e271e9636f17
parentb80c5cd587888074a81cb0cf5c2083725b701dec [diff] [blame]
Fix security issues

Change-Id: I12ebc7634bdefc176642e8637e6a2af2c5e14b99
Issue-ID: VID-149
Signed-off-by: Sonsino, Ofir (os0695) <os0695@intl.att.com>

diff --git a/epsdk-app-onap/pom.xml b/epsdk-app-onap/pom.xml
index 67f9a08..b38821a 100755
--- a/epsdk-app-onap/pom.xml
+++ b/epsdk-app-onap/pom.xml

@@ -18,7 +18,7 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

 		<epsdk.version>2.1.0</epsdk.version>

-		<springframework.version>4.2.2.RELEASE</springframework.version>

+		<springframework.version>4.2.4.RELEASE</springframework.version>

 		<hibernate.version>4.3.11.Final</hibernate.version>

 		<!-- Skip assembling the zip; assemble via mvn -Dskipassembly=false .. -->

 		<skipassembly>true</skipassembly>

@@ -321,12 +321,12 @@
 		<dependency>

 			<groupId>commons-collections</groupId>

 			<artifactId>commons-collections</artifactId>

-			<version>3.2.1</version>

+			<version>3.2.2</version>

 		</dependency>

 		<dependency>

 			<groupId>commons-fileupload</groupId>

 			<artifactId>commons-fileupload</artifactId>

-			<version>1.3.2</version>

+			<version>1.3.3</version>

 		</dependency>

 		<dependency>

 			<groupId>org.bouncycastle</groupId>

@@ -336,13 +336,35 @@
 		<dependency>

 			<groupId>xalan</groupId>

 			<artifactId>xalan</artifactId>

-			<version>2.7.1</version>

+			<version>2.7.2</version>

 		</dependency>

 		<dependency>

 			<groupId>org.apache.poi</groupId>

 			<artifactId>poi</artifactId>

-			<version>3.8</version>

+			<version>3.15</version>

 		</dependency>

+		<dependency>

+			<groupId>com.thoughtworks.xstream</groupId>

+			<artifactId>xstream</artifactId>

+			<version>1.4.10</version>

+		</dependency>

+		<dependency>

+			<groupId>org.apache.httpcomponents</groupId>

+			<artifactId>httpclient</artifactId>

+			<version>4.5.3</version>

+		</dependency>

+		<dependency>

+			<groupId>com.fasterxml.jackson.core</groupId>

+			<artifactId>jackson-core</artifactId>

+			<version>2.8.6</version>

+		</dependency>

+		<dependency>

+			<groupId>xerces</groupId>

+			<artifactId>xercesImpl</artifactId>

+			<version>2.11.0.SP5</version>

+		</dependency>

+

+

 

 		<dependency>

 			<groupId>org.onap.vid</groupId>