Commit 10a41052 authored by Spencer Sutton's avatar Spencer Sutton
Browse files

Patching log4j vulnerability

parent 616140e0
Pipeline #82562 failed with stages
in 2 minutes and 20 seconds
......@@ -16,7 +16,7 @@
<properties>
<commons-beanutils.version>1.9.4</commons-beanutils.version>
<osdu.oscorecommon.version>0.12.0-rc3</osdu.oscorecommon.version>
<osdu.oscorecommon.version>0.13.0-rc3</osdu.oscorecommon.version>
</properties>
<dependencies>
......
......@@ -19,7 +19,7 @@
<java.version>1.8</java.version>
<springfox-version>2.7.0</springfox-version>
<spring-cloud.version>Greenwich.SR2</spring-cloud.version>
<os-core-common.version>0.12.0-rc3</os-core-common.version>
<os-core-common.version>0.13.0-rc3</os-core-common.version>
<snakeyaml.version>1.26</snakeyaml.version>
<hibernate-validator.version>6.1.5.Final</hibernate-validator.version>
<jackson.version>2.11.4</jackson.version>
......@@ -29,6 +29,7 @@
<netty.version>4.1.51.Final</netty.version>
<reactor-netty.version>0.8.20.RELEASE</reactor-netty.version>
<woodstox-core.version>6.2.3</woodstox-core.version>
<log4j2.version>2.16.0</log4j2.version>
<!-- <maven.compiler.target>1.8</maven.compiler.target>-->
<!-- <maven.compiler.source>1.8</maven.compiler.source>-->
<!-- <maven.war.plugin>2.6</maven.war.plugin>-->
......@@ -49,6 +50,16 @@
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-to-slf4j</artifactId>
<version>${log4j2.version}</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<version>${log4j2.version}</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-bom</artifactId>
......
......@@ -47,7 +47,7 @@
<dependency>
<groupId>org.opengroup.osdu.core.aws</groupId>
<artifactId>os-core-lib-aws</artifactId>
<version>0.11.0</version>
<version>0.13.0-SNAPSHOT</version>
</dependency>
<!-- AWS managed packages -->
......
......@@ -41,8 +41,8 @@
<nimbus-jose-jwt.version>8.2</nimbus-jose-jwt.version>
<indexer-core.version>0.13.0-SNAPSHOT</indexer-core.version>
<spring-security-jwt.version>1.1.1.RELEASE</spring-security-jwt.version>
<osdu.corelibazure.version>0.12.0-rc10</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.12.0-rc3</osdu.oscorecommon.version>
<osdu.corelibazure.version>0.13.0-rc5</osdu.corelibazure.version>
<osdu.oscorecommon.version>0.13.0-rc3</osdu.oscorecommon.version>
<reactor-netty.version>0.9.12.RELEASE</reactor-netty.version>
<java-jwt.version>3.8.1</java-jwt.version>
<powermock.version>2.0.2</powermock.version>
......
......@@ -19,7 +19,7 @@
<dependency>
<groupId>org.opengroup.osdu</groupId>
<artifactId>core-lib-gcp</artifactId>
<version>0.12.0-rc3</version>
<version>0.13.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu.indexer</groupId>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment