Commit 4504fb6b authored by cdanger's avatar cdanger

Merge branch 'release/7.3.0'

parents 463c87d2 a3941721
language: java
jdk:
- openjdk7
- oraclejdk7
- openjdk8
- oraclejdk8
......@@ -2,6 +2,27 @@
All notable changes to this project are documented in this file following the [Keep a CHANGELOG](http://keepachangelog.com) conventions.
## 7.3.0
### Changed
- Dependency versions:
- logback-classic: 1.2.3
- logback-ext-spring: 0.1.5
- Spring: 4.3.14.RELEASE
- CXF: 3.2.4
- Saxon-HE: 9.8.0-12
- Plugin versions:
- OWASP dependency-check-maven: 3.2.1
## 7.2.0
### Changed
- Managed dependency versions:
- logback-classic: 1.1.9 -> 1.2.2 (to fix CVE affecting versions < 1.2.0)
- slf4j: 1.7.22 --> 1.7.25 (to match logback-classic version upgrade above)
- Managed plugin versions:
- OWASP dependency-check plugin 3.0.1 -> 3.0.2 (fix blocking bug #978 on their github)
## 7.1.0
### Changed
- Managed dependency versions:
......
......@@ -3,7 +3,7 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>7.2.0</version>
<version>7.3.0</version>
</parent>
<artifactId>authzforce-ce-atom-model</artifactId>
<packaging>jar</packaging>
......
......@@ -3,7 +3,7 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>7.2.0</version>
<version>7.3.0</version>
</parent>
<artifactId>authzforce-ce-pdp-ext-model</artifactId>
<name>${project.groupId}:${project.artifactId}</name>
......
......@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>7.2.0</version>
<version>7.3.0</version>
<packaging>pom</packaging>
<name>${project.groupId}:${project.artifactId}</name>
<description>Authzforce - Parent of all AuthzForce components</description>
......@@ -23,8 +23,8 @@
<jaxb2-value-constructor.version>3.0</jaxb2-value-constructor.version>
<slf4j.version>1.7.25</slf4j.version>
<!-- This version must match the Spring version used by 'logback-ext-spring' in dependencyManagement. -->
<spring.version>4.3.12.RELEASE</spring.version>
<cxf.version>3.2.1</cxf.version>
<spring.version>4.3.14.RELEASE</spring.version>
<cxf.version>3.2.4</cxf.version>
</properties>
<url>${project.url}</url>
<inceptionYear>2012</inceptionYear>
......@@ -93,14 +93,14 @@
<groupId>org.logback-extensions</groupId>
<artifactId>logback-ext-spring</artifactId>
<!-- TODO: upgrade so that logback-classic dependency version matches below -->
<version>0.1.4</version>
<version>0.1.5</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<!-- This version must match the version used by the one of 'logback-ext-spring' above. -->
<!-- Versions before 1.2.0 (excluded) affected by CVE-2017-5929 -->
<version>1.2.2</version>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
......@@ -155,7 +155,7 @@
<dependency>
<groupId>net.sf.saxon</groupId>
<artifactId>Saxon-HE</artifactId>
<version>9.7.0-14</version>
<version>9.8.0-12</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
......@@ -179,25 +179,25 @@
<groupId>${project.groupId}</groupId>
<artifactId>${artifactId.prefix}-xmlns-model</artifactId>
<!-- Version updated automatically by maven jgitflow:release-start -->
<version>7.2.0</version>
<version>7.3.0</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>${artifactId.prefix}-atom-model</artifactId>
<!-- Version updated automatically by maven jgitflow:release-start -->
<version>7.2.0</version>
<version>7.3.0</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>${artifactId.prefix}-xacml-model</artifactId>
<!-- Version updated automatically by maven jgitflow:release-start -->
<version>7.2.0</version>
<version>7.3.0</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>${artifactId.prefix}-pdp-ext-model</artifactId>
<!-- Version updated automatically by maven jgitflow:release-start -->
<version>7.2.0</version>
<version>7.3.0</version>
</dependency>
<!-- /Common AuthZForce CE dependencies -->
</dependencies>
......@@ -251,7 +251,7 @@
<!-- Consider combining with Red Hat Victims and OSS Index. More info on Victims vs. Dependency-check: https://bugzilla.redhat.com/show_bug.cgi?id=1388712 -->
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>3.0.2</version>
<version>3.2.1</version>
</plugin>
<plugin>
<groupId>org.jvnet.jaxb2.maven2</groupId>
......
......@@ -3,7 +3,7 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>7.2.0</version>
<version>7.3.0</version>
</parent>
<artifactId>authzforce-ce-xacml-model</artifactId>
<name>${project.groupId}:${project.artifactId}</name>
......
......@@ -3,7 +3,7 @@
<parent>
<groupId>org.ow2.authzforce</groupId>
<artifactId>authzforce-ce-parent</artifactId>
<version>7.2.0</version>
<version>7.3.0</version>
</parent>
<artifactId>authzforce-ce-xmlns-model</artifactId>
<name>${project.groupId}:${project.artifactId}</name>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment