inteligr8/alfresco-transform-core
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-transform-core.git synced 2025-06-30 18:14:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

ATS-132: Fix whitesource HIGH (security policy violation)

Browse Source 
- Alfresco Data Model 8.8
- transitive dependency (via opencmis client 1.0.0)
- csxg-rt-transports-http 3.1.10 to 3.1.16 (for CVE-2018-8039 - CVSS 3 score of 8.1)
This commit is contained in:
Jan Vonka 2018-09-21 17:24:58 +01:00
parent 5bf1b3a964
commit 38decd3439
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
alfresco-docker-tika/pom.xml
View File

@ -47,6 +47,17 @@
<dependency>
<groupId>org.alfresco</groupId>
<artifactId>alfresco-data-model</artifactId>
<exclusion>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
</exclusion>
</dependency>
<!-- for Alfresco Data Model 8.8 (explicitly fix CVE) -->
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>3.1.16</version>
</dependency>
<dependency>
@ -86,7 +97,7 @@
</exclusions>
</dependency>
<!-- for Apache Tika Parsers - eg. encrypted PDF -->
<!-- for Apache Tika Parsers 1.17-20180201-alfresco-patched (explicitly fix CVE) -->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>