From b8c38d101b262b42ce0e1184005ae9493a25ffad Mon Sep 17 00:00:00 2001
From: Jim Hahn <jrh3@att.com>
Date: Thu, 19 Sep 2019 16:59:21 -0400
Subject: [PATCH] Upgrade Jackson version for security

This change upgrades the Jackson version to 2.10.0.pr3, wherever it
is referenced, which has a lower level of security vulnerability, 7
as opposed to 10.

Change-Id: I346555dee60069b575f0eb86c5ca4be281e84b31
Issue-ID: POLICY-1644
Signed-off-by: Jim Hahn <jrh3@att.com>
---
 integration/pom.xml | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/integration/pom.xml b/integration/pom.xml
index 0a707999..fb4924d3 100644
--- a/integration/pom.xml
+++ b/integration/pom.xml
@@ -39,6 +39,7 @@
         <version.dmaap>1.1.9</version.dmaap>
         <version.powermock>1.7.4</version.powermock>
         <version.eclipselink>2.7.0</version.eclipselink>
+        <version.jackson>2.10.0.pr3</version.jackson>
     </properties>
 
     <distributionManagement>
@@ -50,6 +51,38 @@
 
     <dependencyManagement>
         <dependencies>
+            <!-- Jackson -->
+            <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-annotations</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-core</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.core</groupId>
+                <artifactId>jackson-databind</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.dataformat</groupId>
+                <artifactId>jackson-dataformat-yaml</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.jaxrs</groupId>
+                <artifactId>jackson-jaxrs-base</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.fasterxml.jackson.jaxrs</groupId>
+                <artifactId>jackson-jaxrs-json-provider</artifactId>
+                <version>${version.jackson}</version>
+            </dependency>
+
             <!-- MariaDB -->
             <dependency>
                 <groupId>org.mariadb.jdbc</groupId>
-- 
2.16.6