Fixed security vulnerability

author jitendra007 <jitendra.sharma1@huawei.com>

Fri, 24 Jul 2020 13:05:06 +0000 (18:35 +0530)

committer jitendra007 <jitendra.sharma1@huawei.com>

Fri, 24 Jul 2020 13:07:54 +0000 (18:37 +0530)
author jitendra007 <jitendra.sharma1@huawei.com>
Fri, 24 Jul 2020 13:05:06 +0000 (18:35 +0530)
committer jitendra007 <jitendra.sharma1@huawei.com>
Fri, 24 Jul 2020 13:07:54 +0000 (18:37 +0530)
diff --git a/framework/pom.xml b/framework/pom.xml

index 9878cd8..cd9d90e 100644 (file)
--- a/framework/pom.xml
+++ b/framework/pom.xml
@@ -74,7 +74,7 @@
          <dependency>
              <groupId>commons-codec</groupId>
              <artifactId>commons-codec</artifactId>
-            <version>1.13</version>
+            <version>1.14</version>
          </dependency>
          <dependency>
              <groupId>org.apache.commons</groupId>
diff --git a/grpc/pom.xml b/grpc/pom.xml

index 0055d2b..cd31b2e 100644 (file)
--- a/grpc/pom.xml
+++ b/grpc/pom.xml
@@ -52,9 +52,29 @@
          <groupId>io.netty</groupId>
          <artifactId>netty-codec-http2</artifactId>
          <version>4.1.46.Final</version>
+        <exclusions>
+            <exclusion>
+                <groupId>io.netty</groupId>
+                <artifactId>netty-codec-http</artifactId>
+            </exclusion>
+            <exclusion>
+                <groupId>io.netty</groupId>
+                <artifactId>netty-handler</artifactId>
+            </exclusion>
+        </exclusions>
      </dependency>
-      
-    <dependency>
+      <dependency>
+          <groupId>io.netty</groupId>
+          <artifactId>netty-codec-http</artifactId>
+          <version>4.1.48.Final</version>
+      </dependency>
+      <dependency>
+          <groupId>io.netty</groupId>
+          <artifactId>netty-handler</artifactId>
+          <version>4.1.19.Final</version>
+      </dependency>
+
+      <dependency>
        <groupId>io.grpc</groupId>
        <artifactId>grpc-protobuf</artifactId>
        <version>${grpc.version}</version>
diff --git a/profiles/http/pom.xml b/profiles/http/pom.xml

index 0458941..3dee45c 100644 (file)
--- a/profiles/http/pom.xml
+++ b/profiles/http/pom.xml
@@ -63,7 +63,7 @@ Excluded commons-codec vulnerable version and added invulnerable version
        <dependency>
            <groupId>commons-codec</groupId>
            <artifactId>commons-codec</artifactId>
-          <version>1.13</version>
+          <version>1.14</version>
        </dependency>
          <dependency>
            <groupId>org.apache.httpcomponents</groupId>
author	jitendra007 <jitendra.sharma1@huawei.com>
	Fri, 24 Jul 2020 13:05:06 +0000 (18:35 +0530)
committer	jitendra007 <jitendra.sharma1@huawei.com>
	Fri, 24 Jul 2020 13:07:54 +0000 (18:37 +0530)
framework/pom.xml		patch \| blob \| history
grpc/pom.xml		patch \| blob \| history
profiles/http/pom.xml		patch \| blob \| history