-
Task
-
Resolution: Done
-
Medium
-
Beijing Release
-
None
-
None
-
DCAE R2 Sprint RC0
Current version below was flagged by CLM scan
VES: com.fasterxml.jackson.core : jackson-databind : 2.8.11.1
org.apache.tomcat : tomcat-catalina : 8.0.36
org.apache.tomcat.embed : tomcat-embed-core : 8.0.36
org.apache.tomcat : tomcat-coyote : 8.0.36
Looking through nexus-iq, 8.0.51 across is security complaint.
org.apache.tomcat : tomcat-catalina : 8.0.51
org.apache.tomcat.embed : tomcat-embed-core : 8.0.51
org.apache.tomcat : tomcat-coyote : 8.0.51
For Jackson - update DCAE security vulnerability with clarification- https://wiki.onap.org/pages/viewpage.action?pageId=28377647