Fix vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42

[logging-analytics/pomba/pomba-context-aggregator.git] / pom.xml

diff --git a/pom.xml b/pom.xml
index 4551c1a..9b41632 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>
-        <version>1.5.17.RELEASE</version>
+        <version>1.5.22.RELEASE</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
@@ -63,6 +63,12 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-web</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.springframework.boot</groupId>
+          <artifactId>spring-boot-starter-json</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
@@ -71,7 +77,7 @@
     <dependency>
       <groupId>org.onap.logging-analytics.pomba</groupId>
       <artifactId>pomba-audit-common</artifactId>
-      <version>1.4.0</version>
+      <version>1.5.0-SNAPSHOT</version>
     </dependency>
     <dependency>
       <groupId>com.google.code.gson</groupId>