NexusIQ security violation - httpclient

Violation in:

org.apache-httpcomponents : httpclient : 4.4.1, 4.3.1, 4.3.3, 4.5, 4.5.2

Fix:
Upgrade httpclient to 4.5.5 and httpcore to 4.4.4

Change-Id: Ie31b853102eb2a4fc7fc16441a2a1c18a2b7fa35
Issue-ID: SO-507
Signed-off-by: Rob Daugherty <rd472p@att.com>

diff --git a/asdc-controller/pom.xml b/asdc-controller/pom.xml
index 66ecbd8..a06a16d 100644 (file)
--- a/asdc-controller/pom.xml
+++ b/asdc-controller/pom.xml
@@ -81,7 +81,6 @@
                <dependency>
                                <groupId>org.apache.httpcomponents</groupId>
                                <artifactId>httpclient</artifactId>
-                               <version>4.5.5</version>
                                <scope>compile</scope>
                                <exclusions>
                                        <exclusion>  

diff --git a/cloudify-client/pom.xml b/cloudify-client/pom.xml
index 9b2ca39..057a1ed 100644 (file)
--- a/cloudify-client/pom.xml
+++ b/cloudify-client/pom.xml
@@ -35,12 +35,10 @@
                <dependency>
                        <groupId>org.apache.httpcomponents</groupId>
                        <artifactId>httpcore</artifactId>
-<!--                   <version>4.3.1</version> -->
                </dependency>
                <dependency>
                        <groupId>org.apache.httpcomponents</groupId>
                        <artifactId>httpclient</artifactId>
-<!--                   <version>4.5.5</version> -->
                </dependency>
                <dependency>
                        <groupId>org.hamcrest</groupId>

diff --git a/pom.xml b/pom.xml
index 263a632..0ca4836 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -549,7 +549,7 @@
       <dependency>
         <groupId>org.apache.httpcomponents</groupId>
         <artifactId>httpcore</artifactId>
-        <version>4.4.1</version>
+        <version>4.4.4</version>
         <scope>compile</scope>
       </dependency>
       <dependency>