From: deepikasatheesh <deepika.s84@wipro.com>
Date: Thu, 30 Jul 2020 05:53:54 +0000 (-0700)
Subject: Fix SO Security vulnerabilities
X-Git-Tag: 1.7.1~45^2
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=f70e8decf13e2966b02649699db07e11d190463d;p=so.git

Fix SO Security vulnerabilities

Issue-ID: SO-3047
Signed-off-by: deepikasatheesh <deepika.s84@wipro.com>
Change-Id: I63ab8670e90b78d6049eafff7e139a84bfbf6784
---

diff --git a/adapters/etsi-sol003-adapter/pom.xml b/adapters/etsi-sol003-adapter/pom.xml
index fe34ff47c3..9ea25a5eb7 100644
--- a/adapters/etsi-sol003-adapter/pom.xml
+++ b/adapters/etsi-sol003-adapter/pom.xml
@@ -16,7 +16,7 @@
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     <version-swagger-codegen>2.3.1</version-swagger-codegen>
     <gson-fire-version>1.8.2</gson-fire-version>
-    <retrofit-version>2.3.0</retrofit-version>
+    <retrofit-version>2.7.2</retrofit-version>
     <threetenbp-version>1.3.5</threetenbp-version>
     <oltu-version>1.0.1</oltu-version>
     <swagger-core-version>1.5.21</swagger-core-version>
diff --git a/bpmn/MSOCommonBPMN/pom.xml b/bpmn/MSOCommonBPMN/pom.xml
index c395b01221..0c61cc3012 100644
--- a/bpmn/MSOCommonBPMN/pom.xml
+++ b/bpmn/MSOCommonBPMN/pom.xml
@@ -182,7 +182,7 @@
     <dependency>
       <groupId>commons-beanutils</groupId>
       <artifactId>commons-beanutils</artifactId>
-      <version>1.9.3</version>
+      <version>1.9.4</version>
     </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
diff --git a/bpmn/mso-infrastructure-bpmn/pom.xml b/bpmn/mso-infrastructure-bpmn/pom.xml
index 0df49c103a..9c9a7f9257 100644
--- a/bpmn/mso-infrastructure-bpmn/pom.xml
+++ b/bpmn/mso-infrastructure-bpmn/pom.xml
@@ -342,6 +342,10 @@
           <groupId>javax.servlet</groupId>
           <artifactId>servlet-api</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>log4j</groupId>
+          <artifactId>log4j</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
   </dependencies>
diff --git a/common/pom.xml b/common/pom.xml
index 08dfc4d905..4223e0a0ae 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -143,6 +143,10 @@
           <groupId>javax.servlet</groupId>
           <artifactId>servlet-api</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>log4j</groupId>
+          <artifactId>log4j</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
     <dependency>
diff --git a/mso-api-handlers/mso-api-handler-infra/pom.xml b/mso-api-handlers/mso-api-handler-infra/pom.xml
index afb734d46e..eb7b73caab 100644
--- a/mso-api-handlers/mso-api-handler-infra/pom.xml
+++ b/mso-api-handlers/mso-api-handler-infra/pom.xml
@@ -244,6 +244,10 @@
           <groupId>javax.servlet</groupId>
           <artifactId>servlet-api</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>log4j</groupId>
+          <artifactId>log4j</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
     <dependency>
diff --git a/pom.xml b/pom.xml
index 0243def0ab..4912c6109f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -916,7 +916,7 @@
       <dependency>
         <groupId>org.yaml</groupId>
         <artifactId>snakeyaml</artifactId>
-        <version>1.23</version>
+        <version>1.26</version>
       </dependency>
       <dependency>
         <groupId>javax.interceptor</groupId>