Update org.apache.httpcomponents

- update org.apache.httpcomponents.httpcore to 4.3.3
- update org.apache.httpcomponents.httpclient to 4.3.6, 4.3.5 and later
  are reported to fix vulnerability CVE-2014-3577

CQ: 9220
CQ: 9221
Bug: 470523
Change-Id: I024448c941e81f7c1dc1cc2394329df90e9b3048
Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>

org.eclipse.jgit.packaging/org.eclipse.jgit.target/jgit-4.3.target

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 <?pde?>
 <!-- generated with https://github.com/mbarbero/fr.obeo.releng.targetplatform -->
-<target name="jgit-4.3" sequenceNumber="1431244100">
+<target name="jgit-4.3" sequenceNumber="1436830977">
   <locations>
     <location includeMode="slicer" includeAllPlatforms="false" includeSource="true" includeConfigurePhase="true" type="InstallableUnit">
       <unit id="org.eclipse.jetty.client" version="9.2.10.v20150310"/>
@@ -29,10 +29,10 @@
       <unit id="org.apache.commons.compress.source" version="1.6.0.v201310281400"/>
       <unit id="org.apache.commons.logging" version="1.1.1.v201101211721"/>
       <unit id="org.apache.commons.logging.source" version="1.1.1.v201101211721"/>
-      <unit id="org.apache.httpcomponents.httpcore" version="4.1.4.v201203221030"/>
-      <unit id="org.apache.httpcomponents.httpcore.source" version="4.1.4.v201203221030"/>
-      <unit id="org.apache.httpcomponents.httpclient" version="4.1.3.v201209201135"/>
-      <unit id="org.apache.httpcomponents.httpclient.source" version="4.1.3.v201209201135"/>
+      <unit id="org.apache.httpcomponents.httpcore" version="4.3.3.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpcore.source" version="4.3.3.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpclient" version="4.3.6.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpclient.source" version="4.3.6.v201411290715"/>
       <unit id="org.apache.log4j" version="1.2.15.v201012070815"/>
       <unit id="org.apache.log4j.source" version="1.2.15.v201012070815"/>
       <unit id="org.kohsuke.args4j" version="2.0.21.v201301150030"/>

org.eclipse.jgit.packaging/org.eclipse.jgit.target/jgit-4.4.target

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 <?pde?>
 <!-- generated with https://github.com/mbarbero/fr.obeo.releng.targetplatform -->
-<target name="jgit-4.4" sequenceNumber="1431244089">
+<target name="jgit-4.4" sequenceNumber="1436830965">
   <locations>
     <location includeMode="slicer" includeAllPlatforms="false" includeSource="true" includeConfigurePhase="true" type="InstallableUnit">
       <unit id="org.eclipse.jetty.client" version="9.2.10.v20150310"/>
@@ -29,10 +29,10 @@
       <unit id="org.apache.commons.compress.source" version="1.6.0.v201310281400"/>
       <unit id="org.apache.commons.logging" version="1.1.1.v201101211721"/>
       <unit id="org.apache.commons.logging.source" version="1.1.1.v201101211721"/>
-      <unit id="org.apache.httpcomponents.httpcore" version="4.1.4.v201203221030"/>
-      <unit id="org.apache.httpcomponents.httpcore.source" version="4.1.4.v201203221030"/>
-      <unit id="org.apache.httpcomponents.httpclient" version="4.1.3.v201209201135"/>
-      <unit id="org.apache.httpcomponents.httpclient.source" version="4.1.3.v201209201135"/>
+      <unit id="org.apache.httpcomponents.httpcore" version="4.3.3.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpcore.source" version="4.3.3.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpclient" version="4.3.6.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpclient.source" version="4.3.6.v201411290715"/>
       <unit id="org.apache.log4j" version="1.2.15.v201012070815"/>
       <unit id="org.apache.log4j.source" version="1.2.15.v201012070815"/>
       <unit id="org.kohsuke.args4j" version="2.0.21.v201301150030"/>

org.eclipse.jgit.packaging/org.eclipse.jgit.target/jgit-4.5.target

@@ -29,10 +29,10 @@
       <unit id="org.apache.commons.compress.source" version="1.6.0.v201310281400"/>
       <unit id="org.apache.commons.logging" version="1.1.1.v201101211721"/>
       <unit id="org.apache.commons.logging.source" version="1.1.1.v201101211721"/>
-      <unit id="org.apache.httpcomponents.httpcore" version="4.1.4.v201203221030"/>
-      <unit id="org.apache.httpcomponents.httpcore.source" version="4.1.4.v201203221030"/>
-      <unit id="org.apache.httpcomponents.httpclient" version="4.1.3.v201209201135"/>
-      <unit id="org.apache.httpcomponents.httpclient.source" version="4.1.3.v201209201135"/>
+      <unit id="org.apache.httpcomponents.httpcore" version="4.3.3.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpcore.source" version="4.3.3.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpclient" version="4.3.6.v201411290715"/>
+      <unit id="org.apache.httpcomponents.httpclient.source" version="4.3.6.v201411290715"/>
       <unit id="org.apache.log4j" version="1.2.15.v201012070815"/>
       <unit id="org.apache.log4j.source" version="1.2.15.v201012070815"/>
       <unit id="org.kohsuke.args4j" version="2.0.21.v201301150030"/>

org.eclipse.jgit.packaging/org.eclipse.jgit.target/orbit/R20150124073747-Luna-SR2.tpd

@@ -8,10 +8,10 @@ location "http://download.eclipse.org/tools/orbit/downloads/drops/R2015012407374
 	org.apache.commons.compress.source [1.6.0.v201310281400,1.6.0.v201310281400]
 	org.apache.commons.logging [1.1.1.v201101211721,1.1.1.v201101211721]
 	org.apache.commons.logging.source [1.1.1.v201101211721,1.1.1.v201101211721]
-	org.apache.httpcomponents.httpcore [4.1.4.v201203221030,4.1.4.v201203221030]
-	org.apache.httpcomponents.httpcore.source [4.1.4.v201203221030,4.1.4.v201203221030]
-	org.apache.httpcomponents.httpclient [4.1.3.v201209201135,4.1.3.v201209201135]
-	org.apache.httpcomponents.httpclient.source [4.1.3.v201209201135,4.1.3.v201209201135]
+	org.apache.httpcomponents.httpcore [4.3.3.v201411290715,4.3.3.v201411290715]
+	org.apache.httpcomponents.httpcore.source [4.3.3.v201411290715,4.3.3.v201411290715]
+	org.apache.httpcomponents.httpclient [4.3.6.v201411290715,4.3.6.v201411290715]
+	org.apache.httpcomponents.httpclient.source [4.3.6.v201411290715,4.3.6.v201411290715]
 	org.apache.log4j [1.2.15.v201012070815,1.2.15.v201012070815]
 	org.apache.log4j.source [1.2.15.v201012070815,1.2.15.v201012070815]
 	org.kohsuke.args4j [2.0.21.v201301150030,2.0.21.v201301150030]

org.eclipse.jgit.packaging/org.eclipse.jgit.target/orbit/R20150519210750-Mars.tpd

@@ -8,10 +8,10 @@ location "http://download.eclipse.org/tools/orbit/downloads/drops/R2015051921075
 	org.apache.commons.compress.source [1.6.0.v201310281400,1.6.0.v201310281400]
 	org.apache.commons.logging [1.1.1.v201101211721,1.1.1.v201101211721]
 	org.apache.commons.logging.source [1.1.1.v201101211721,1.1.1.v201101211721]
-	org.apache.httpcomponents.httpcore [4.1.4.v201203221030,4.1.4.v201203221030]
-	org.apache.httpcomponents.httpcore.source [4.1.4.v201203221030,4.1.4.v201203221030]
-	org.apache.httpcomponents.httpclient [4.1.3.v201209201135,4.1.3.v201209201135]
-	org.apache.httpcomponents.httpclient.source [4.1.3.v201209201135,4.1.3.v201209201135]
+	org.apache.httpcomponents.httpcore [4.3.3.v201411290715,4.3.3.v201411290715]
+	org.apache.httpcomponents.httpcore.source [4.3.3.v201411290715,4.3.3.v201411290715]
+	org.apache.httpcomponents.httpclient [4.3.6.v201411290715,4.3.6.v201411290715]
+	org.apache.httpcomponents.httpclient.source [4.3.6.v201411290715,4.3.6.v201411290715]
 	org.apache.log4j [1.2.15.v201012070815,1.2.15.v201012070815]
 	org.apache.log4j.source [1.2.15.v201012070815,1.2.15.v201012070815]
 	org.kohsuke.args4j [2.0.21.v201301150030,2.0.21.v201301150030]

pom.xml

@@ -203,7 +203,7 @@
     <servlet-api-version>3.1.0</servlet-api-version>
     <jetty-version>9.2.10.v20150310</jetty-version>
     <clirr-version>2.6.1</clirr-version>
-    <httpclient-version>4.1.3</httpclient-version>
+    <httpclient-version>4.3.6</httpclient-version>
     <slf4j-version>1.7.2</slf4j-version>
     <log4j-version>1.2.15</log4j-version>
     <maven-javadoc-plugin-version>2.10.1</maven-javadoc-plugin-version>