to consume fix for vulnerability [1] in Apache commons compress which is fixed in version 1.18. [1] https://nvd.nist.gov/vuln/detail/CVE-2018-1324 CQ: 18320 Change-Id: I39b1d815e5b8e0208600afafe7a72bb603d04fb8 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>tags/v5.2.0.201811281532-m3
@@ -96,8 +96,8 @@ maven_jar( | |||
maven_jar( | |||
name = "commons-compress", | |||
artifact = "org.apache.commons:commons-compress:1.15", | |||
sha1 = "b686cd04abaef1ea7bc5e143c080563668eec17e", | |||
artifact = "org.apache.commons:commons-compress:1.18", | |||
sha1 = "1191f9f2bc0c47a8cce69193feb1ff0a8bcb37d5", | |||
) | |||
maven_jar( |
@@ -205,7 +205,7 @@ | |||
<junit-version>4.12</junit-version> | |||
<test-fork-count>1C</test-fork-count> | |||
<args4j-version>2.33</args4j-version> | |||
<commons-compress-version>1.15</commons-compress-version> | |||
<commons-compress-version>1.18</commons-compress-version> | |||
<osgi-core-version>4.3.1</osgi-core-version> | |||
<servlet-api-version>3.1.0</servlet-api-version> | |||
<jetty-version>9.4.11.v20180605</jetty-version> |