From b0512c0b66d91ca71a53e4f4b9073a2b509d0eaf Mon Sep 17 00:00:00 2001
From: LiZi <li.zi30@zte.com.cn>
Date: Sat, 24 Feb 2018 04:25:32 -0500
Subject: [PATCH] Fix the security issue of esr server.

Fix the security issue CVE-2016-3720 and CVE-2017-17485

Change-Id: I3f7d0c4fb841d72e2b463091a5c4b5e5e81f0611
Issue-ID: AAI-592
Signed-off-by: LiZi <li.zi30@zte.com.cn>
---
 esr-mgr/pom.xml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/esr-mgr/pom.xml b/esr-mgr/pom.xml
index 58d7932..33a0c1c 100644
--- a/esr-mgr/pom.xml
+++ b/esr-mgr/pom.xml
@@ -141,11 +141,23 @@
         <dependency>
             <groupId>io.swagger</groupId>
             <artifactId>swagger-jersey2-jaxrs</artifactId>
+			<exclusions>
+                <exclusion>
+                    <groupId>com.fasterxml.jackson.dataformat</groupId>
+					<artifactId>jackson-dataformat-xml</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
 		<dependency>
 			<groupId>com.fasterxml.jackson.core</groupId>
 			<artifactId>jackson-databind</artifactId>
 			<version>2.9.4</version>
+			<exclusions>
+                <exclusion>
+                    <groupId>com.github.roskart.dropwizard-jaxws</groupId>
+					<artifactId>dropwizard-jaxws</artifactId>
+                </exclusion>
+            </exclusions>
 		</dependency>
         <!-- jersey -->
         <dependency>
-- 
2.16.6