From caead0115fa286d6796ad749464e8df09f383338 Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Thu, 1 Mar 2018 18:00:06 -0500 Subject: [PATCH] Remove CLM issues with commons-collections We know that we are not configuring an LDAP PIP in our use of the XACML open source. The LDAP implementation uses Apache Velocity, which uses a very old version of commons-collections that has security issues. So we can exclude commons-collections from the build. Issue-ID: POLICY-507 Change-Id: I735eae4fe507ad016d9b0b49e67536415edb9820 Signed-off-by: Pamela Dragosh --- ONAP-PDP/pom.xml | 9 +++++++++ ONAP-XACML/pom.xml | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/ONAP-PDP/pom.xml b/ONAP-PDP/pom.xml index d302c955d..dc3953b76 100644 --- a/ONAP-PDP/pom.xml +++ b/ONAP-PDP/pom.xml @@ -73,6 +73,15 @@ com.att.research.xacml xacml-pdp 1.0.1 + + + + commons-collections + commons-collections + + junit diff --git a/ONAP-XACML/pom.xml b/ONAP-XACML/pom.xml index c399e3fa9..b6f12c005 100644 --- a/ONAP-XACML/pom.xml +++ b/ONAP-XACML/pom.xml @@ -83,6 +83,15 @@ com.att.research.xacml xacml 1.0.1 + + + + commons-collections + commons-collections + + -- 2.16.6