From: Amichai Hemli <amichai.hemli@intl.att.com>
Date: Sun, 2 Feb 2020 13:46:13 +0000 (+0200)
Subject: upgrade spring.framework to latest 5.2.3 to avoid CVE-2020-5398/7
X-Git-Tag: 6.0.3~64^2
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=2ca9ef38a83f7eea8762860a0b2fac3241e42b29;p=vid.git

upgrade spring.framework to latest 5.2.3 to avoid CVE-2020-5398/7

Issue-ID: VID-736
Signed-off-by: Amichai Hemli <amichai.hemli@intl.att.com>
Change-Id: Id9d81c032a7bcbb92dc1f358db0efb026667b178
---

diff --git a/epsdk-app-onap/pom.xml b/epsdk-app-onap/pom.xml
index be810e5ba..0b9b60996 100755
--- a/epsdk-app-onap/pom.xml
+++ b/epsdk-app-onap/pom.xml
@@ -27,7 +27,7 @@
         <epsdk.version>2.5.0</epsdk.version>
         <jackson.version>2.10.1</jackson.version>
         <jackson.databind.version>2.10.1</jackson.databind.version>
-        <springframework.version>5.2.0.RELEASE</springframework.version>
+        <springframework.version>5.2.3.RELEASE</springframework.version>
         <!-- epsdk-core is importing this class, which is only on spring-orm 4 but not in orm 5:
          org.springframework.orm.hibernate4.HibernateTransactionManager
          so following orm.version lets epsdk-core find it -->
diff --git a/vid-app-common/pom.xml b/vid-app-common/pom.xml
index cc32c2ae7..1b786c2c0 100755
--- a/vid-app-common/pom.xml
+++ b/vid-app-common/pom.xml
@@ -27,7 +27,7 @@
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <epsdk.version>2.6.0</epsdk.version>
         <epsdk.overlay.version>2.5.0</epsdk.overlay.version>
-        <springframework.version>5.2.0.RELEASE</springframework.version>
+        <springframework.version>5.2.3.RELEASE</springframework.version>
         <springframework.orm.version>4.3.22.RELEASE</springframework.orm.version>
         <!-- epsdk-core is importing this class, which is only on spring-orm 4 but not in orm 5:
          org.springframework.orm.hibernate4.HibernateTransactionManager