Commit 81d7d0c6 authored by cdanger's avatar cdanger

Fixed CVE issue on spring-core

parent f27ebd3b
......@@ -10,4 +10,13 @@
<cve>CVE-2007-6059</cve>
<cve>CVE-2015-9097</cve>
</suppress>
</suppressions>
\ No newline at end of file
<suppress>
<notes><![CDATA[
file name: spring-core-4.3.17.RELEASE.jar,
false positive for CVE-2018-1258
]]></notes>
<gav>org.springframework:spring-core:4.3.17.RELEASE</gav>
<cve>CVE-2018-1258</cve>
</suppress>
</suppressions>
......@@ -31,9 +31,6 @@
etc. -->
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<!-- Mitigation for CVE-2018-1257, CVE-2018-1258, CVE-2018-1275, CVE-2018-1271, CVE-2018-1270, CVE-2018-1272.
TODO: fix it in authzforce-ce-parent's managed version -->
<version>4.3.17.RELEASE</version>
</dependency>
<dependency>
<!-- For loading XML schemas with OASIS catalog (CatalogManager) -->
......
......@@ -10,4 +10,13 @@
<cve>CVE-2007-6059</cve>
<cve>CVE-2015-9097</cve>
</suppress>
</suppressions>
\ No newline at end of file
<suppress>
<notes><![CDATA[
file name: spring-core-4.3.17.RELEASE.jar,
false positive for CVE-2018-1258
]]></notes>
<gav>org.springframework:spring-core:4.3.17.RELEASE</gav>
<cve>CVE-2018-1258</cve>
</suppress>
</suppressions>
......@@ -36,6 +36,13 @@
<version>15.2.0</version>
</dependency>
<!-- /AuthzForce dependencies -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<!-- Mitigation for CVE-2018-1257, CVE-2018-1258, CVE-2018-1275, CVE-2018-1271, CVE-2018-1270, CVE-2018-1272.
TODO: fix it in authzforce-ce-parent's managed version -->
<version>4.3.17.RELEASE</version>
</dependency>
<!-- Test dependencies -->
<dependency>
<groupId>junit</groupId>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment