From: Prudence Au <prudence.au@amdocs.com>
Date: Fri, 9 Aug 2019 02:16:39 +0000 (-0400)
Subject: Fix vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42
X-Git-Tag: 1.5.0~2
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F43%2F93143%2F1;p=logging-analytics%2Fpomba%2Fpomba-context-aggregator.git

Fix vulnerability issue: upgrade org.apache.tomcat.embed.tomcat-embed-core to 8.5.42

tomcat-embed-core is part of springboot

Issue-ID: LOG-1066
Signed-off-by: Prudence Au <prudence.au@amdocs.com>
Change-Id: Ic15e512eefd09ce3a90b93822e9c00d5e7418a89
---

diff --git a/pom.xml b/pom.xml
index 4551c1a..9b41632 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,7 +28,7 @@
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>
-        <version>1.5.17.RELEASE</version>
+        <version>1.5.22.RELEASE</version>
         <type>pom</type>
         <scope>import</scope>
       </dependency>
@@ -63,6 +63,12 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-web</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.springframework.boot</groupId>
+          <artifactId>spring-boot-starter-json</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.springframework.boot</groupId>
@@ -71,7 +77,7 @@
     <dependency>
       <groupId>org.onap.logging-analytics.pomba</groupId>
       <artifactId>pomba-audit-common</artifactId>
-      <version>1.4.0</version>
+      <version>1.5.0-SNAPSHOT</version>
     </dependency>
     <dependency>
       <groupId>com.google.code.gson</groupId>