Gitiles
Code Review Sign In
gerrit.nordix.org / onap / vnfsdk / functest / aa0da758ab353be28fe165934a09e8fd5a62620d^! / . / vnf-sdk-function-test / pom.xml
commitaa0da758ab353be28fe165934a09e8fd5a62620d[log] [tgz]
authorKailun Qin <kailun.qin@intel.com>Thu Aug 30 22:04:09 2018 +0800
committerKailun Qin <kailun.qin@intel.com>Thu Aug 30 22:22:23 2018 +0800
tree5b4e4353776c57b446069dd181881e04f3f309de
parent1abf74201e8920dbf2aa362086755b0ae94f9564 [diff] [blame]
Address critical and severe vulnerabilities

Update jackson-databind and guava versions based on August 25 security
scan. And fix vnfsdk-functest-distribution standalone dependency version
to address jquery security issue in the stale jar.

Change-Id: I10d96951126d38efd85132445cf71e4b047ee04e
Issue-ID: VNFSDK-302
Signed-off-by: Kailun Qin <kailun.qin@intel.com>

diff --git a/vnf-sdk-function-test/pom.xml b/vnf-sdk-function-test/pom.xml
index dbfefeb..ebae15c 100644
--- a/vnf-sdk-function-test/pom.xml
+++ b/vnf-sdk-function-test/pom.xml

@@ -169,17 +169,6 @@
             <artifactId>jersey-container-servlet-core</artifactId>
             <version>2.25.1</version>
         </dependency>
-        <!-- jetty -->
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-http</artifactId>
-            <version>9.4.11.v20180605</version>
-        </dependency>
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-servlet</artifactId>
-            <version>9.4.11.v20180605</version>
-        </dependency>
         <!-- consumer -->
         <dependency>
             <groupId>com.eclipsesource.jaxrs</groupId>
@@ -198,11 +187,11 @@
             <artifactId>gson</artifactId>
             <version>2.8.2</version>
         </dependency>
-        <!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.dataformat/jackson-dataformat-xml -->
+        <!-- https://mvnrepository.com/artifact/com.google.guava/guava -->
         <dependency>
-            <groupId>com.fasterxml.jackson.dataformat</groupId>
-            <artifactId>jackson-dataformat-xml</artifactId>
-            <version>2.9.5</version>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <version>26.0-jre</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/org.glassfish.hk2.external/javax.inject -->
         <dependency>
@@ -234,11 +223,6 @@
             <artifactId>osgi-resource-locator</artifactId>
             <version>2.5.0-b42</version>
         </dependency>
-        <!--<dependency>-->
-        <!--<groupId>mysql</groupId>-->
-        <!--<artifactId>mysql-connector-java</artifactId>-->
-        <!--<version>5.1.18</version>-->
-        <!--</dependency>-->
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>