Upgrade dependency versions for security

This change upgrades dependencies to versions that ve no or lesser
security issues than the current versions.

Issue-ID: POLICY-1644
Change-Id: Ib6dc8193c8da2547046791d82956019e0c741544
Signed-off-by: liamfallon <liam.fallon@est.tech>

diff --git a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
index 9a738a5..22e50ba 100644 (file)
--- a/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
+++ b/plugins/plugins-event/plugins-event-carrier/plugins-event-carrier-jms/pom.xml
@@ -43,10 +43,6 @@
                     <groupId>commons-beanutils</groupId>
                     <artifactId>commons-beanutils</artifactId>
                 </exclusion>
-                <exclusion>
-                    <groupId>org.jgroups</groupId>
-                    <artifactId>jgroups</artifactId>
-                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -54,11 +50,6 @@
             <artifactId>netty-all</artifactId>
             <version>4.1.25.Final</version>
         </dependency>
-        <dependency>
-            <groupId>org.jgroups</groupId>
-            <artifactId>jgroups</artifactId>
-            <version>4.1.1.Final</version>
-        </dependency>
     </dependencies>
     
     <profiles>

diff --git a/pom.xml b/pom.xml
index 18b40c0..3c806f9 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -47,6 +47,10 @@
         <version.hibernate>5.3.7.Final</version.hibernate>
         <version.policy.common>1.6.0-SNAPSHOT</version.policy.common>
         <version.policy.models>2.2.0-SNAPSHOT</version.policy.models>
+        <version.jackson>2.10.0.pr3</version.jackson>
+        <version.jgroups>4.1.5.Final</version.jgroups>
+        <version.commons-codec>20041127.091804</version.commons-codec>
+        <version.caffeine>2.8.0</version.caffeine>
         <!-- sonar/jacoco overrides -->
         <!-- Overriding oparent default sonar/jacoco settings Combine all our reports
             into one file shared across sub-modules -->
@@ -103,6 +107,31 @@
                 <artifactId>common-parameters</artifactId>
                 <version>${version.policy.common}</version>
             </dependency>
+           <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-core</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-databind</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.org.jgroups</groupId>
+                <artifactId>jgroups</artifactId>
+                <version>${version.jgroups}</version>
+            </dependency>
+            <dependency>
+                <groupId>commons-codec</groupId>
+                <artifactId>comomns-codec</artifactId>
+                <version>${version.commons-codec}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.github.ben-manes.caffeine</groupId>
+                <artifactId>caffeine</artifactId>
+                <version>${version.caffeine}</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>