From e8eeeb3ecf42c9bc17177fc39684ad9d207f2fc2 Mon Sep 17 00:00:00 2001
From: Lukasz Rajewski <lukasz.rajewski@orange.com>
Date: Thu, 26 Aug 2021 12:03:19 +0200
Subject: [PATCH] Fix cve

Fix cve: log4j, junit, jackson-databind

Issue-ID: MULTICLOUD-1384
Signed-off-by: Lukasz Rajewski <lukasz.rajewski@orange.com>
Change-Id: I48591144b984e7af5236d5f4ad270f3a3aedf548
---
 artifactbroker/pom.xml | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/artifactbroker/pom.xml b/artifactbroker/pom.xml
index 1ca0581..16fa7c6 100644
--- a/artifactbroker/pom.xml
+++ b/artifactbroker/pom.xml
@@ -57,7 +57,7 @@
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-api</artifactId>
-            <version>2.13.3</version>
+            <version>2.14.1</version>
         </dependency>
         <dependency>
             <groupId>ch.qos.logback</groupId>
@@ -87,7 +87,12 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.9.8</version>
+            <version>2.12.3</version>
+        </dependency>
+        <dependency>
+            <groupId>com.fasterxml.jackson.core</groupId>
+            <artifactId>jackson-core</artifactId>
+            <version>2.12.3</version>
         </dependency>
         <dependency>
             <groupId>org.json</groupId>
-- 
2.16.6