Update Apache commons compress to 1.18.0

to consume fix for vulnerability [1] in Apache commons compress which is fixed in version 1.18. [1] https://nvd.nist.gov/vuln/detail/CVE-2018-1324 CQ: 18320 Change-Id: I39b1d815e5b8e0208600afafe7a72bb603d04fb8 Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
6 years ago · ae805bd717
2 changed files with 3 additions and 3 deletions
--- a/4
+++ b/4
@ -96,8 +96,8 @@ maven_jar(
 maven_jar(
    name = "commons-compress",
-    artifact = "org.apache.commons:commons-compress:1.15",
+    artifact = "org.apache.commons:commons-compress:1.18",
-    sha1 = "b686cd04abaef1ea7bc5e143c080563668eec17e",
+    sha1 = "1191f9f2bc0c47a8cce69193feb1ff0a8bcb37d5",
 )
 maven_jar(
--- a/pom.xml
+++ b/pom.xml
@ -205,7 +205,7 @@
    <junit-version>4.12</junit-version>
    <test-fork-count>1C</test-fork-count>
    <args4j-version>2.33</args4j-version>
-    <commons-compress-version>1.15</commons-compress-version>
+    <commons-compress-version>1.18</commons-compress-version>
    <osgi-core-version>4.3.1</osgi-core-version>
    <servlet-api-version>3.1.0</servlet-api-version>
    <jetty-version>9.4.11.v20180605</jetty-version>