From 2ca9ef38a83f7eea8762860a0b2fac3241e42b29 Mon Sep 17 00:00:00 2001
From: Amichai Hemli <amichai.hemli@intl.att.com>
Date: Sun, 2 Feb 2020 15:46:13 +0200
Subject: [PATCH] upgrade spring.framework to latest 5.2.3 to avoid
 CVE-2020-5398/7

Issue-ID: VID-736
Signed-off-by: Amichai Hemli <amichai.hemli@intl.att.com>
Change-Id: Id9d81c032a7bcbb92dc1f358db0efb026667b178
---
 epsdk-app-onap/pom.xml | 2 +-
 vid-app-common/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/epsdk-app-onap/pom.xml b/epsdk-app-onap/pom.xml
index be810e5ba..0b9b60996 100755
--- a/epsdk-app-onap/pom.xml
+++ b/epsdk-app-onap/pom.xml
@@ -27,7 +27,7 @@
         <epsdk.version>2.5.0</epsdk.version>
         <jackson.version>2.10.1</jackson.version>
         <jackson.databind.version>2.10.1</jackson.databind.version>
-        <springframework.version>5.2.0.RELEASE</springframework.version>
+        <springframework.version>5.2.3.RELEASE</springframework.version>
         <!-- epsdk-core is importing this class, which is only on spring-orm 4 but not in orm 5:
          org.springframework.orm.hibernate4.HibernateTransactionManager
          so following orm.version lets epsdk-core find it -->
diff --git a/vid-app-common/pom.xml b/vid-app-common/pom.xml
index cc32c2ae7..1b786c2c0 100755
--- a/vid-app-common/pom.xml
+++ b/vid-app-common/pom.xml
@@ -27,7 +27,7 @@
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <epsdk.version>2.6.0</epsdk.version>
         <epsdk.overlay.version>2.5.0</epsdk.overlay.version>
-        <springframework.version>5.2.0.RELEASE</springframework.version>
+        <springframework.version>5.2.3.RELEASE</springframework.version>
         <springframework.orm.version>4.3.22.RELEASE</springframework.orm.version>
         <!-- epsdk-core is importing this class, which is only on spring-orm 4 but not in orm 5:
          org.springframework.orm.hibernate4.HibernateTransactionManager
-- 
2.16.6