Fix JMS plugin vulnerability

THe HornetQ JMS implementation had security vulnerabilities,
license issues, and the latest version is 3 years old.
The plugin was updated to use the Apache ActiveMQ JMS
implementaiton instead. ActiveMQ has a very recent
version, has no license issues, and has no recorded security
issues.

Issue-ID: POLICY-905
Change-Id: I2db80a9e45ee4274f31e8c493c841cd039e78050
Signed-off-by: liamfallon <liam.fallon@ericsson.com>

diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
index 61abf52..3ad5d0b 100644 (file)
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
@@ -46,9 +46,20 @@
             <version>3.2.0.Final</version>
         </dependency>
         <dependency>
-            <groupId>org.hornetq</groupId>
-            <artifactId>hornetq-jms-client</artifactId>
-            <version>2.3.25.Final</version>
+            <groupId>org.apache.activemq</groupId>
+            <artifactId>artemis-jms-client</artifactId>
+            <version>2.6.1</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>io.netty</groupId>
+                    <artifactId>*</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-all</artifactId>
+            <version>4.1.25.Final</version>
         </dependency>
     </dependencies>
-</project>
\ No newline at end of file
+</project>