Code Review / cli.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 863b5cf)
fix Istanbul CLI vulnerabilities 84/123384/3
authorsharath reddy <bs.reddy@huawei.com>
Thu, 19 Aug 2021 10:20:10 +0000 (15:50 +0530)
committersharath reddy <bs.reddy@huawei.com>
Tue, 24 Aug 2021 11:22:48 +0000 (16:52 +0530)
Issue-ID: CLI-401

Signed-off-by: sharath reddy <bs.reddy@huawei.com>
Change-Id: I0ca2826bfb3d41ce90e78d1a0ec69109b1ab260c
Signed-off-by: sharath reddy <bs.reddy@huawei.com>
framework/pom.xml patch | blob | history
profiles/http/pom.xml patch | blob | history

diff --git a/framework/pom.xml b/framework/pom.xml
index 024d1a6..e0853ef 100644 (file)
--- a/framework/pom.xml
+++ b/framework/pom.xml
@@ -101,7 +101,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.11.0</version>
+            <version>2.12.1</version>
             <exclusions>
                 <exclusion>
                     <groupId>com.fasterxml.jackson.core</groupId>
@@ -112,7 +112,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.11.0</version>
+            <version>2.12.1</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.dataformat</groupId>
diff --git a/profiles/http/pom.xml b/profiles/http/pom.xml
index a89ba75..e937c43 100644 (file)
--- a/profiles/http/pom.xml
+++ b/profiles/http/pom.xml
@@ -52,7 +52,7 @@ Excluded commons-codec vulnerable version and added invulnerable version
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpclient</artifactId>
-            <version>4.5.7</version>
+            <version>4.5.13</version>
             <exclusions>
                 <exclusion>
                     <groupId>commons-codec</groupId>
@@ -110,7 +110,7 @@ Excluded commons-codec vulnerable version and added invulnerable version
       <dependency>
           <groupId>io.netty</groupId>
           <artifactId>netty-codec-http</artifactId>
-          <version>4.1.48.Final</version>
+          <version>4.1.63.Final</version>
       </dependency>
           <dependency>
             <groupId>junit</groupId>
@@ -133,7 +133,7 @@ Excluded commons-codec vulnerable version and added invulnerable version
       <dependency>
           <groupId>com.fasterxml.jackson.core</groupId>
           <artifactId>jackson-databind</artifactId>
-          <version>2.10.0</version>
+          <version>2.12.1</version>
       </dependency>
    </dependencies>
    <build>
Provides required Command Line Interface for ONAP