You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by kr...@apache.org on 2019/11/09 18:04:34 UTC
[knox] branch master updated: KNOX-2112 - Upgrade dom4j to 2.1.1
(#183)
This is an automated email from the ASF dual-hosted git repository.
krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new c9838fc KNOX-2112 - Upgrade dom4j to 2.1.1 (#183)
c9838fc is described below
commit c9838fcccfde1ee309bef02bc871675bacfad35c
Author: Kevin Risden <ri...@users.noreply.github.com>
AuthorDate: Sat Nov 9 13:04:28 2019 -0500
KNOX-2112 - Upgrade dom4j to 2.1.1 (#183)
The dom4j Maven coordinates changed from 1.x to 2.x.
See https://github.com/dom4j/dom4j/issues/58 for details.
There are some CVEs associated with the older version so should upgrade.
Signed-off-by: Kevin Risden <kr...@apache.org>
---
pom.xml | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/pom.xml b/pom.xml
index 6c5f6c4..c52a6f5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -178,6 +178,7 @@
<curator.version>4.2.0</curator.version>
<dependency-check-maven.version>5.2.2</dependency-check-maven.version>
<dockerfile-maven-plugin.version>1.4.13</dockerfile-maven-plugin.version>
+ <dom4j.version>2.1.1</dom4j.version>
<easymock.version>4.0.2</easymock.version>
<eclipselink.version>2.7.5</eclipselink.version>
<ehcache.version>2.6.11</ehcache.version>
@@ -2067,6 +2068,10 @@
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>dom4j</groupId>
+ <artifactId>dom4j</artifactId>
+ </exclusion>
</exclusions>
</dependency>
@@ -2076,6 +2081,11 @@
<artifactId>spring-core</artifactId>
<version>${spring-core.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.dom4j</groupId>
+ <artifactId>dom4j</artifactId>
+ <version>${dom4j.version}</version>
+ </dependency>
<dependency>
<groupId>org.pac4j</groupId>