Commit 760e58d3 authored by cdanger's avatar cdanger

Upgraded managed dep versions: dependency-check plugin 3.1.0 -> 3.0.2...

Upgraded managed dep versions: dependency-check plugin 3.1.0 -> 3.0.2 (downgrade because 3.1.0 bugged) logback-classic 1.1.9 -> 1.2.2 (to fix critical CVE), slf4j 1.7.22 --> 1.7.25 (to match logback-classic dep)
parent 71f16412
......@@ -21,7 +21,7 @@
<git.url.base>https://gitlab.ow2.org/authzforce</git.url.base>
<jaxb2-basics.version>0.11.1</jaxb2-basics.version>
<jaxb2-value-constructor.version>3.0</jaxb2-value-constructor.version>
<slf4j.version>1.7.22</slf4j.version>
<slf4j.version>1.7.25</slf4j.version>
<!-- This version must match the Spring version used by 'logback-ext-spring' in dependencyManagement. -->
<spring.version>4.3.12.RELEASE</spring.version>
<cxf.version>3.2.1</cxf.version>
......@@ -92,13 +92,15 @@
dependencies used by other Authzforce projects. -->
<groupId>org.logback-extensions</groupId>
<artifactId>logback-ext-spring</artifactId>
<!-- TODO: upgrade so that logback-classic dependency version matches below -->
<version>0.1.4</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<!-- This version must match the version used by the one of 'logback-ext-spring' above. -->
<version>1.1.9</version>
<!-- Versions before 1.2.0 (excluded) affected by CVE-2017-5929 -->
<version>1.2.2</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
......@@ -249,7 +251,7 @@
<!-- Consider combining with Red Hat Victims and OSS Index. More info on Victims vs. Dependency-check: https://bugzilla.redhat.com/show_bug.cgi?id=1388712 -->
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>3.1.0</version>
<version>3.0.2</version>
</plugin>
<plugin>
<groupId>org.jvnet.jaxb2.maven2</groupId>
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
/**
* Copyright 2012-2017 Thales Services SAS.
* Copyright 2012-2018 Thales Services SAS.
*
* This file is part of AuthzForce CE.
*
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment