Fix vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42

author Prudence Au <prudence.au@amdocs.com>

Fri, 9 Aug 2019 01:47:50 +0000 (21:47 -0400)

committer Prudence Au <prudence.au@amdocs.com>

Fri, 9 Aug 2019 01:47:50 +0000 (21:47 -0400)
author Prudence Au <prudence.au@amdocs.com>
Fri, 9 Aug 2019 01:47:50 +0000 (21:47 -0400)
committer Prudence Au <prudence.au@amdocs.com>
Fri, 9 Aug 2019 01:47:50 +0000 (21:47 -0400)
diff --git a/reference/logging-slf4j-demo/pom.xml b/reference/logging-slf4j-demo/pom.xml

index 55c5ce9..61370d9 100644 (file)
--- a/reference/logging-slf4j-demo/pom.xml
+++ b/reference/logging-slf4j-demo/pom.xml
@@ -16,7 +16,7 @@
               spring-expression 4.3.14 goes to 4.3.17 under 1.5.15
               1.5.17 ups jackson-databind from 2.8.11.2 - but we will likely need 2.9+
           -->
-        <springframework.boot.version>1.5.17.RELEASE</springframework.boot.version>
+        <springframework.boot.version>1.5.22.RELEASE</springframework.boot.version>
          <spring.version>5.1.2.RELEASE</spring.version>
          <logback.version>1.2.3</logback.version>
      </properties>
@@ -30,7 +30,17 @@
          <dependency>
              <groupId>org.springframework.boot</groupId>
              <artifactId>spring-boot-starter-web</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework.boot</groupId>
+                    <artifactId>spring-boot-starter-json</artifactId>
+                </exclusion>
+            </exclusions>
          </dependency>
+        <dependency>
+            <groupId>com.google.code.gson</groupId>
+            <artifactId>gson</artifactId>
+               </dependency>
          <dependency>
              <groupId>org.apache.commons</groupId>
              <artifactId>commons-lang3</artifactId>
author	Prudence Au <prudence.au@amdocs.com>
	Fri, 9 Aug 2019 01:47:50 +0000 (21:47 -0400)
committer	Prudence Au <prudence.au@amdocs.com>
	Fri, 9 Aug 2019 01:47:50 +0000 (21:47 -0400)