From 36ed16a752e4fdbddea3be2134f7f75371fe2844 Mon Sep 17 00:00:00 2001
From: "Cezar.Leahu" <cezar.leahu@ness.com>
Date: Fri, 21 Sep 2018 19:32:52 +0300
Subject: [PATCH 1/2] ATS-132 : Update cxf-rt-transports-http to latest version
 3.2.6

---
 pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pom.xml b/pom.xml
index 2f77f8b5..94155c5c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -91,6 +91,11 @@
                 <artifactId>alfresco-transform-data-model</artifactId>
                 <version>${alfresco-transform-data-model.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.apache.cxf</groupId>
+                <artifactId>cxf-rt-transports-http</artifactId>
+                <version>3.2.6</version>
+            </dependency>
         </dependencies>
     </dependencyManagement>
 

From 61e3f1a965a11056a35aeccc82243561349db67e Mon Sep 17 00:00:00 2001
From: Jan Vonka <jan.vonka@alfresco.com>
Date: Fri, 21 Sep 2018 17:52:22 +0100
Subject: [PATCH 2/2] ATS-132: Fix HIGH (security policy violation) - for
 Transform Service product group (in WhiteSource) - Alfresco Data Model 8.8 -
 transitive dependency (via opencmis client 1.0.0) - csxg-rt-transports-http
 3.0.10 to 3.0.16 (for CVE-2018-8039 - CVSS 3 score of 8.1)

---
 pom.xml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 94155c5c..fe1ce9c0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -91,11 +91,13 @@
                 <artifactId>alfresco-transform-data-model</artifactId>
                 <version>${alfresco-transform-data-model.version}</version>
             </dependency>
+            <!-- via Data Model / OpenCMIS Client -->
             <dependency>
                 <groupId>org.apache.cxf</groupId>
                 <artifactId>cxf-rt-transports-http</artifactId>
-                <version>3.2.6</version>
+                <version>3.0.16</version>
             </dependency>
+
         </dependencies>
     </dependencyManagement>