From 606a1248b23a738071e9798354cebb04fe04c54d Mon Sep 17 00:00:00 2001
From: Dominik Mizyn <d.mizyn@samsung.com>
Date: Fri, 18 Oct 2019 12:26:57 +0200
Subject: [PATCH] Security Vulnerability in pom.xml fix

Security Vulnerability in pom.xml fix

Issue-ID: PORTAL-771
Change-Id: I340cb721595af090617013b739b6708ec9448781
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
---
 ecomp-portal-BE-common/pom.xml | 38 +++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml
index a3e445de..1a04c40d 100644
--- a/ecomp-portal-BE-common/pom.xml
+++ b/ecomp-portal-BE-common/pom.xml
@@ -136,7 +136,7 @@
 		<dependency>
 			<groupId>com.att.eelf</groupId>
 			<artifactId>eelf-core</artifactId>
-			<version>${eelf.version}</version>
+			<version>1.0.0-oss</version>
 		</dependency>
 		<dependency>
 			<groupId>com.google.code.gson</groupId>
@@ -187,7 +187,7 @@
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter</artifactId>
-			<version>1.3.0.RELEASE</version>
+			<version>1.3.1.RELEASE</version>
 			<exclusions>
 				<exclusion>
 					<groupId>org.slf4j</groupId>
@@ -204,7 +204,7 @@
 		<dependency>
 			<groupId>org.hibernate</groupId>
 			<artifactId>hibernate-validator</artifactId>
-			<version>5.1.3.Final</version>
+			<version>5.2.5.Final</version>
 		</dependency>
 		<!-- hibernate-core depends on dom4j, which has optional dependencies. 
 			On jenkins, contrary to doc, mvn 3.0.5 packages the optional dependencies 
@@ -284,7 +284,7 @@
 		<dependency>
 			<groupId>org.apache.cxf</groupId>
 			<artifactId>cxf-rt-rs-client</artifactId>
-			<version>3.0.0-milestone1</version>
+			<version>3.1.16</version>
 		</dependency>
 		<!-- Mapper -->
 		<dependency>
@@ -311,7 +311,7 @@
 		<dependency>
 			<groupId>org.elasticsearch</groupId>
 			<artifactId>elasticsearch</artifactId>
-			<version>2.2.0</version>
+			<version>6.8.2</version>
 			<exclusions>
 				<exclusion>
 					<groupId>org.apache.lucene</groupId>
@@ -322,7 +322,7 @@
 		<dependency>
 			<groupId>io.searchbox</groupId>
 			<artifactId>jest</artifactId>
-			<version>2.0.0</version>
+			<version>5.3.2</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.jcs</groupId>
@@ -338,7 +338,7 @@
 		<dependency>
 			<groupId>org.apache.tomcat</groupId>
 			<artifactId>tomcat-websocket</artifactId>
-			<version>8.0.28</version>
+			<version>8.0.52</version>
 			<scope>provided</scope>
 		</dependency>
 		<dependency>
@@ -361,7 +361,7 @@
 		<dependency>
 			<groupId>org.apache.poi</groupId>
 			<artifactId>poi</artifactId>
-			<version>3.15</version>
+			<version>3.17</version>
 			<exclusions>
 				<exclusion>
 					<groupId>commons-logging</groupId>
@@ -376,7 +376,7 @@
 		<dependency>
 			<groupId>org.apache.poi</groupId>
 			<artifactId>poi-ooxml</artifactId>
-			<version>3.15</version>
+			<version>3.17</version>
 			<exclusions>
 				<exclusion>
 					<groupId>commons-logging</groupId>
@@ -391,7 +391,7 @@
 		<dependency>
 			<groupId>org.apache.poi</groupId>
 			<artifactId>poi-scratchpad</artifactId>
-			<version>3.5-FINAL</version>
+			<version>3.17</version>
 			<exclusions>
 				<exclusion>
 					<groupId>commons-logging</groupId>
@@ -434,7 +434,7 @@
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.59</version>
+			<version>1.60</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-codec</groupId>
@@ -562,17 +562,17 @@
 		<dependency>
 			<groupId>commons-beanutils</groupId>
 			<artifactId>commons-beanutils</artifactId>
-			<version>1.9.3</version>
+			<version>1.9.4</version>
 		</dependency>
 		<dependency>
 			<groupId>com.ecwid.consul</groupId>
 			<artifactId>consul-api</artifactId>
-			<version>1.2.1</version>
+			<version>1.3.0</version>
 		</dependency>
 		<dependency>
 			<groupId>com.orbitz.consul</groupId>
 			<artifactId>consul-client</artifactId>
-			<version>0.13.8</version>
+			<version>1.3.6</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-fileupload</groupId>
@@ -603,7 +603,7 @@
 		<dependency>
 			<groupId>com.fasterxml.jackson.jaxrs</groupId>
 			<artifactId>jackson-jaxrs-json-provider</artifactId>
-			<version>2.8.10</version>
+			<version>2.10.0</version>
 		</dependency>
 		<!-- https://mvnrepository.com/artifact/org.glassfish.web/javax.el -->
 		<dependency>
@@ -626,7 +626,7 @@
 		<dependency>
 			<groupId>org.glassfish.jersey.connectors</groupId>
 			<artifactId>jersey-jetty-connector</artifactId>
-			<version>2.23.1</version>
+			<version>2.28</version>
 		</dependency>
 		<!-- Jacoco for offline instrumentation -->
 		<dependency>
@@ -638,7 +638,7 @@
 		<dependency>
              <groupId>org.owasp.esapi</groupId>
              <artifactId>esapi</artifactId>
-             <version>2.1.0.1</version>
+             <version>2.2.0.0</version>
              <exclusions>
 				<exclusion>
              		<groupId>commons-beanutils</groupId>
@@ -672,7 +672,7 @@
 		<dependency>
     		<groupId>com.thoughtworks.xstream</groupId>
     		<artifactId>xstream</artifactId>
-    		<version>1.4.10</version>
+    		<version>1.4.11</version>
 		</dependency>
 		<dependency>
 			<groupId>ch.qos.logback</groupId>
@@ -752,7 +752,7 @@
 		<dependency>
 			<groupId>com.alibaba</groupId>
 			<artifactId>fastjson</artifactId>
-			<version>1.2.7</version>
+			<version>1.2.25</version>
 		</dependency>
 	</dependencies>
 
-- 
2.16.6