From: Amichai Hemli <amichai.hemli@intl.att.com>
Date: Sun, 2 Feb 2020 14:50:58 +0000 (+0000)
Subject: Merge "upgrade spring.framework to latest 5.2.3 to avoid CVE-2020-5398/7"
X-Git-Tag: 6.0.3~64
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=e0071f0d81a88a417eacd47ef1f0c9451227e9ad;hp=74e6271d3c9a5f0f2f471c607ca7bc9b8f3d5fc0;p=vid.git

Merge "upgrade spring.framework to latest 5.2.3 to avoid CVE-2020-5398/7"
---

diff --git a/epsdk-app-onap/pom.xml b/epsdk-app-onap/pom.xml
index c18d8b6bf..a7ce6b492 100755
--- a/epsdk-app-onap/pom.xml
+++ b/epsdk-app-onap/pom.xml
@@ -28,7 +28,7 @@
         <epsdk.overlay.version>2.5.0</epsdk.overlay.version>
         <jackson.version>2.10.1</jackson.version>
         <jackson.databind.version>2.10.1</jackson.databind.version>
-        <springframework.version>5.2.0.RELEASE</springframework.version>
+        <springframework.version>5.2.3.RELEASE</springframework.version>
         <!-- epsdk-core is importing this class, which is only on spring-orm 4 but not in orm 5:
          org.springframework.orm.hibernate4.HibernateTransactionManager
          so following orm.version lets epsdk-core find it -->
diff --git a/vid-app-common/pom.xml b/vid-app-common/pom.xml
index 2efd10426..94d07dbeb 100755
--- a/vid-app-common/pom.xml
+++ b/vid-app-common/pom.xml
@@ -27,7 +27,7 @@
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <epsdk.version>2.6.0</epsdk.version>
         <epsdk.overlay.version>2.5.0</epsdk.overlay.version>
-        <springframework.version>5.2.0.RELEASE</springframework.version>
+        <springframework.version>5.2.3.RELEASE</springframework.version>
         <springframework.orm.version>4.3.22.RELEASE</springframework.orm.version>
         <!-- epsdk-core is importing this class, which is only on spring-orm 4 but not in orm 5:
          org.springframework.orm.hibernate4.HibernateTransactionManager