Security fixes

[portal.git] / ecomp-portal-BE-common / pom.xml

diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml
index 261cf31..ce394ea 100644 (file)
--- a/ecomp-portal-BE-common/pom.xml
+++ b/ecomp-portal-BE-common/pom.xml
@@ -172,10 +172,6 @@
                                        <groupId>org.slf4j</groupId>
                                        <artifactId>log4j-over-slf4j</artifactId>
                                </exclusion>
-                               <exclusion>
-                                       <groupId>ch.qos.logback</groupId>
-                                       <artifactId>logback-classic</artifactId>
-                               </exclusion>
                        </exclusions>
                </dependency>
                <!-- Hibernate -->
@@ -295,6 +291,12 @@
                        <groupId>org.elasticsearch</groupId>
                        <artifactId>elasticsearch</artifactId>
                        <version>2.2.0</version>
+                       <exclusions>
+                               <exclusion>
+                                       <groupId>org.apache.lucene</groupId>
+                                       <artifactId>lucene-queryparser</artifactId>
+                               </exclusion>
+                       </exclusions>
                </dependency>
                <dependency>
                        <groupId>io.searchbox</groupId>
@@ -338,7 +340,7 @@
                <dependency>
                        <groupId>org.apache.poi</groupId>
                        <artifactId>poi</artifactId>
-                       <version>3.5-FINAL</version>
+                       <version>3.15</version>
                        <exclusions>
                                <exclusion>
                                        <groupId>commons-logging</groupId>
@@ -353,7 +355,7 @@
                <dependency>
                        <groupId>org.apache.poi</groupId>
                        <artifactId>poi-ooxml</artifactId>
-                       <version>3.5-FINAL</version>
+                       <version>3.15</version>
                        <exclusions>
                                <exclusion>
                                        <groupId>commons-logging</groupId>
@@ -445,6 +447,10 @@
                                        <groupId>org.slf4j</groupId>
                                        <artifactId>slf4j-log4j12</artifactId>
                                </exclusion>
+                               <exclusion>
+                                       <groupId>org.apache.httpcomponents</groupId>
+                                       <artifactId>httpclient</artifactId>
+                               </exclusion>    
                        </exclusions>
                </dependency>
                <dependency>
@@ -509,7 +515,7 @@
                <dependency>
                        <groupId>org.apache.httpcomponents</groupId>
                        <artifactId>httpclient</artifactId>
-                       <version>4.5.2</version>
+                       <version>4.5.3</version>
                </dependency>
                <!-- for testing -->
                <dependency>
@@ -541,7 +547,7 @@
                <dependency>
                        <groupId>commons-beanutils</groupId>
                        <artifactId>commons-beanutils</artifactId>
-                       <version>1.9.2</version>
+                       <version>1.9.3</version>
                </dependency>
                <dependency>
                        <groupId>com.ecwid.consul</groupId>
@@ -556,7 +562,7 @@
                <dependency>
                        <groupId>commons-fileupload</groupId>
                        <artifactId>commons-fileupload</artifactId>
-                       <version>1.3</version>
+                       <version>1.3.3</version>
                </dependency>
                <dependency>
                        <groupId>io.springfox</groupId>
@@ -582,7 +588,7 @@
                <dependency>
                        <groupId>com.fasterxml.jackson.jaxrs</groupId>
                        <artifactId>jackson-jaxrs-json-provider</artifactId>
-                       <version>2.6.3</version>
+                       <version>2.8.10</version>
                </dependency>
                <dependency>
                        <groupId>org.glassfish.jersey.connectors</groupId>
@@ -605,6 +611,10 @@
                        <groupId>commons-beanutils</groupId>
                        <artifactId>commons-beanutils-core</artifactId>
                 </exclusion>
+                <exclusion>
+                       <groupId>commons-httpclient</groupId>
+                       <artifactId>commons-httpclient</artifactId>
+                </exclusion>
               </exclusions>
         </dependency>
         <dependency>
@@ -622,6 +632,37 @@
                    <artifactId>spring-security-config</artifactId>
                    <version>${springframework.version}</version>
            </dependency>
+               <dependency>
+               <groupId>com.thoughtworks.xstream</groupId>
+               <artifactId>xstream</artifactId>
+               <version>1.4.10</version>
+               </dependency>
+               <dependency>
+               <groupId>org.apache.wicket</groupId>
+               <artifactId>wicket-core</artifactId>
+               <version>1.5.16</version>
+               </dependency>
+               <dependency>
+                       <groupId>ch.qos.logback</groupId>
+                       <artifactId>logback-core</artifactId>
+                       <version>1.2.3</version>
+               </dependency>
+               <dependency>
+                       <groupId>ch.qos.logback</groupId>
+                       <artifactId>logback-classic</artifactId>
+                       <version>1.2.3</version>
+               </dependency>
+               <dependency>
+               <groupId>commons-collections</groupId>
+               <artifactId>commons-collections</artifactId>
+               <version>3.2.2</version>
+               </dependency>
+               <dependency>
+               <groupId>xalan</groupId>
+               <artifactId>xalan</artifactId>
+               <version>2.7.2</version>
+               </dependency>
+               
                
        </dependencies>