From 7efd5e45825f79efac107a144e8728da958f99d4 Mon Sep 17 00:00:00 2001
From: Daniel Gerhardt <code@dgerhardt.net>
Date: Sat, 20 Dec 2014 14:45:06 +0100
Subject: [PATCH] Update Maven dependencies

This updates Spring, Logging and Netty-socketio. The new Netty-socketio
version fixes memory leaks and disables SSL3 encryption (POODLE
vulnerability).
---
 pom.xml | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/pom.xml b/pom.xml
index 7e7e6b81..6c5beb54 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,9 +7,9 @@
 	<packaging>war</packaging>
 
 	<properties>
-		<org.springframework-version>4.0.7.RELEASE</org.springframework-version>
-		<org.springframework.security-version>3.2.4.RELEASE</org.springframework.security-version>
-		<org.springframework.integration-mail-version>4.0.3.RELEASE</org.springframework.integration-mail-version>
+		<org.springframework-version>4.0.8.RELEASE</org.springframework-version>
+		<org.springframework.security-version>3.2.5.RELEASE</org.springframework.security-version>
+		<org.springframework.integration-mail-version>4.0.6.RELEASE</org.springframework.integration-mail-version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.url>https://scm.thm.de/arsnova</project.url>
 		<sonar.language>java</sonar.language>
@@ -175,6 +175,13 @@
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-cas</artifactId>
 			<version>${org.springframework.security-version}</version>
+			<exclusions>
+				<!-- Exclude log4j-over-slf4j to prevent delegation loop -->
+				<exclusion>
+					<groupId>org.slf4j</groupId>
+					<artifactId>log4j-over-slf4j</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>
@@ -194,12 +201,12 @@
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
-			<version>1.7.7</version>
+			<version>1.7.9</version>
 		</dependency>
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-log4j12</artifactId>
-			<version>1.7.7</version>
+			<version>1.7.9</version>
 		</dependency>
 		<dependency>
 			<groupId>log4j</groupId>
@@ -256,7 +263,7 @@
 		<dependency>
 			<groupId>com.corundumstudio.socketio</groupId>
 			<artifactId>netty-socketio</artifactId>
-			<version>1.7.3</version>
+			<version>1.7.5</version>
 		</dependency>
 		<dependency>
 			<groupId>javax.inject</groupId>
@@ -345,7 +352,7 @@
 			<plugin>
 				<groupId>org.eclipse.jetty</groupId>
 				<artifactId>jetty-maven-plugin</artifactId>
-				<version>9.2.3.v20140905</version>
+				<version>9.2.6.v20141205</version>
 				<configuration>
 					<scanIntervalSeconds>1</scanIntervalSeconds>
 					<webApp>
-- 
GitLab