Commit 287ad899 authored by Alok Joshi's avatar Alok Joshi
Browse files

Merge branch 'fix_sec_vul' into 'master'

Update libraries to fix CVE security vulnerabilities

See merge request osdu/platform/system/search-service!101
parents 859c33c7 e3b506e1
......@@ -127,7 +127,6 @@ The following software have components provided under the terms of this license:
- Jackson 2 extensions to the Google HTTP Client Library for Java. (from https://github.com/google/google-http-java-client.git/google-http-client-jackson2)
- Jackson CoreUtils (from https://github.com/fge/jackson-coreutils)
- Jackson dataformat: CBOR (from http://github.com/FasterXML/jackson-dataformats-binary)
- Jackson dataformat: CBOR (from http://github.com/FasterXML/jackson-dataformats-binary)
- Jackson datatype: JSR310 (from http://wiki.fasterxml.com/JacksonModuleJSR310)
- Jackson datatype: JSR310 (from http://wiki.fasterxml.com/JacksonModuleJSR310)
- Jackson extensions to the Google HTTP Client Library for Java. (from )
......@@ -206,10 +205,10 @@ The following software have components provided under the terms of this license:
- Microsoft Azure Java Core Library (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
- Mockito (from http://mockito.org)
- Mockito (from http://mockito.org)
- Mockito (from http://www.mockito.org)
- Mockito (from http://mockito.org)
- Mockito (from http://www.mockito.org)
- Mockito (from http://mockito.org)
- MongoDB Driver (from http://www.mongodb.org)
- MongoDB Java Driver Core (from http://www.mongodb.org)
- Msg Simple (from https://github.com/fge/msg-simple)
......@@ -418,7 +417,6 @@ The following software have components provided under the terms of this license:
- swagger-models (from )
- tomcat-annotations-api (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-el (from http://tomcat.apache.org/)
- tomcat-embed-websocket (from http://tomcat.apache.org/)
- x-content (from https://github.com/elastic/elasticsearch)
......@@ -571,7 +569,6 @@ The following software have components provided under the terms of this license:
- jersey-ext-bean-validation (from )
- jersey-spring4 (from )
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
========================================================================
CPL-1.0
......@@ -652,7 +649,6 @@ The following software have components provided under the terms of this license:
- jersey-media-json-jackson (from git://java.net/jersey~code/project/jersey-media-json-jackson)
- jersey-spring4 (from )
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
========================================================================
GPL-2.0-or-later
......@@ -697,7 +693,6 @@ The following software have components provided under the terms of this license:
- jersey-media-json-jackson (from git://java.net/jersey~code/project/jersey-media-json-jackson)
- jersey-spring4 (from )
- tomcat-embed-core (from http://tomcat.apache.org/)
- tomcat-embed-core (from http://tomcat.apache.org/)
========================================================================
GPL-3.0-only
......
......@@ -32,7 +32,7 @@
<properties>
<skip.unit.tests>false</skip.unit.tests>
<skip.integration.tests>true</skip.integration.tests>
<jackson.version>2.11.2</jackson.version>
<jackson.version>2.11.4</jackson.version>
<resteasy.version>3.12.0.Final</resteasy.version>
<elasticsearch.version>7.8.1</elasticsearch.version>
<snakeyaml.version>1.26</snakeyaml.version>
......@@ -44,7 +44,8 @@
<log4j-core.version>2.13.2</log4j-core.version>
<google-oauth-client.version>1.31.0</google-oauth-client.version>
<commons-compress.version>1.20</commons-compress.version>
<osdu.oscorecommon.version>0.9.0-rc3</osdu.oscorecommon.version>
<osdu.oscorecommon.version>0.9.0-rc4</osdu.oscorecommon.version>
<tomcat-embed-core.version>9.0.45</tomcat-embed-core.version>
</properties>
<licenses>
......@@ -101,6 +102,12 @@
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>${elasticsearch.version}</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
......@@ -323,6 +330,11 @@
<artifactId>os-core-common</artifactId>
<version>${osdu.oscorecommon.version}</version>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>${tomcat-embed-core.version}</version>
</dependency>
</dependencies>
<repositories>
......
......@@ -39,7 +39,7 @@
<aws.version>1.11.637</aws.version>
<deployment.environment>dev</deployment.environment>
<version.number>0.0.4-SNAPSHOT</version.number>
<osdu.oscorecommon.version>0.8.0-rc3</osdu.oscorecommon.version>
<osdu.oscorecommon.version>0.9.0-rc4</osdu.oscorecommon.version>
</properties>
<dependencies>
......@@ -89,6 +89,12 @@
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.locationtech.spatial4j</groupId>
......
......@@ -36,8 +36,8 @@
<failOnMissingWebXml>false</failOnMissingWebXml>
<project.main.basedir>${project.parent.basedir}</project.main.basedir>
<springboot.version>2.1.7.RELEASE</springboot.version>
<osdu.corelibazure.version>0.8.0-rc1</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.9.0-rc3</osdu.oscorecommon.version>
<osdu.corelibazure.version>0.9.0-rc1</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.9.0-rc4</osdu.oscorecommon.version>
<osdu.search-core.version>0.9.0-SNAPSHOT</osdu.search-core.version>
<spatial4j.version>0.7</spatial4j.version>
<jts-io-common.version>1.15.0</jts-io-common.version>
......
......@@ -48,7 +48,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.8.0-rc3</version>
<version>0.9.0-rc4</version>
</dependency>
<dependency>
......
......@@ -54,7 +54,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.8.0-rc3</version>
<version>0.9.0-rc4</version>
</dependency>
<dependency>
......@@ -125,6 +125,12 @@
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
......
......@@ -25,7 +25,7 @@
<properties>
<os-core-lib-ibm.version>0.7.1</os-core-lib-ibm.version>
<start-class>org.opengroup.osdu.search.provider.ibm.app.SearchIBMApplication</start-class>
<osdu.oscorecommon.version>0.8.0-rc3</osdu.oscorecommon.version>
<osdu.oscorecommon.version>0.9.0-rc4</osdu.oscorecommon.version>
</properties>
......@@ -88,6 +88,12 @@
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
......
......@@ -33,7 +33,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.8.0-rc3</version>
<version>0.9.0-rc4</version>
</dependency>
<dependency>
......
......@@ -36,7 +36,6 @@
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<failOnMissingWebXml>false</failOnMissingWebXml>
<project.main.basedir>${project.basedir}</project.main.basedir>
<tomcat-embed-core.version>9.0.37</tomcat-embed-core.version>
<nimbus-jose-jwt.version>9.1.2</nimbus-jose-jwt.version>
<elasticsearch.version>7.8.1</elasticsearch.version>
</properties>
......@@ -183,6 +182,12 @@
<groupId>org.elasticsearch</groupId>
<artifactId>elasticsearch</artifactId>
<version>${elasticsearch.version}</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-cbor</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.elasticsearch.client</groupId>
......@@ -242,11 +247,6 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
<version>${tomcat-embed-core.version}</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-core</artifactId>
......
......@@ -25,7 +25,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>os-core-common</artifactId>
<version>0.0.18</version>
<version>0.9.0-rc4</version>
</dependency>
<dependency>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment