Bug 547337 - Update to dom4j 2.1.1
fixes CVE-2018-1000632
Change-Id: I3fabf586941e434d5c280aa594b38c4e1df1b6ad
Signed-off-by: Tony Homer <tony.homer@intel.com>
diff --git a/m2e-maven-runtime/org.eclipse.m2e.archetype.common/pom.xml b/m2e-maven-runtime/org.eclipse.m2e.archetype.common/pom.xml
index 882e653..68d1db2 100644
--- a/m2e-maven-runtime/org.eclipse.m2e.archetype.common/pom.xml
+++ b/m2e-maven-runtime/org.eclipse.m2e.archetype.common/pom.xml
@@ -47,6 +47,10 @@
<groupId>org.sonatype.sisu</groupId>
<artifactId>sisu-inject-plexus</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>dom4j</groupId>
+ <artifactId>dom4j</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -55,6 +59,11 @@
<version>0.3.4</version>
<scope>provided</scope>
</dependency>
+ <dependency>
+ <groupId>org.dom4j</groupId>
+ <artifactId>dom4j</artifactId>
+ <version>2.1.1</version>
+ </dependency>
</dependencies>
<build>
<plugins>
@@ -72,7 +81,7 @@
commons-collections,
commons-io,
commons-lang,
- dom4j,
+ dom4j;version=2.1.1,
jchardet,
jdom,
oro,