Update jetty-util ver

Change-Id: If94902cf904a7616b7feb0d5717333852ad24ccd
Issue-ID: DCAEGEN2-768
Signed-off-by: Shadi Haidar <sh1986@att.com>

diff --git a/pom.xml b/pom.xml
index 88526dd..84b42dd 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -78,8 +78,26 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property.
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-util</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>jetty-http</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.eclipse.jetty</groupId>
+                    <artifactId>jetty-server</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
+       <dependency>
+           <groupId>org.eclipse.jetty</groupId>
+           <artifactId>jetty-server</artifactId>
+           <version>9.4.12.v20180830</version>
+       </dependency>
+       <dependency>
+           <groupId>org.eclipse.jetty</groupId>
+           <artifactId>jetty-http</artifactId>
+           <version>9.4.12.v20180830</version>
+       </dependency>
         <dependency>
             <groupId>io.dropwizard</groupId>
             <artifactId>dropwizard-jdbi</artifactId>
@@ -98,15 +116,11 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property.
             <version>4.5.5</version>
         </dependency>
         <dependency>
-            <!-- To address security issue - CVE-2017-7536 -->
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-validator</artifactId>
             <version>5.3.6.Final</version>
         </dependency>
         <dependency>
-            <!-- To address security issue - CVE-2017-9735
-                 REVIEW: Only updated jetty-util which may introduce runtime issues because
-                 other jetty libraries are on 9.4.2 still -->
             <groupId>org.eclipse.jetty</groupId>
             <artifactId>jetty-util</artifactId>
             <version>9.4.12.v20180830</version>

diff --git a/version.properties b/version.properties
index 5ced55f..d096cfd 100644 (file)
--- a/version.properties
+++ b/version.properties
@@ -3,7 +3,7 @@
 # because they are used in Jenkins, whose plug-in doesn't support\r
 major=3\r
 minor=0\r
-patch=3\r
+patch=4\r
 base_version=${major}.${minor}.${patch}\r
 # Release must be completed with git revision # in Jenkins\r
 \r