Merge pull request #64 from ahormazabal/dev/cvepluginupdates

Exclude libraries affected by CVEs.

Author: ahormazabal

.travis.yml

@@ -1,4 +1,6 @@
 language: java
+jdk:
+  - openjdk8
 before_cache:
 - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock
 cache:

build.gradle

@@ -1,7 +1,7 @@
 ext.pluginClassNames='com.dtolabs.rundeck.plugin.overthere.OTWinRMNodeExecutor,com.dtolabs.rundeck.plugin.overthere.OTWinRMFileCopier'
 
 defaultTasks 'clean','build'
-version = '1.3.4-SNAPSHOT'
+version = '1.3.6-SNAPSHOT'
 ext.rundeckPluginVersion= '1.1'
 apply plugin: 'java'
 apply plugin: 'idea'
@@ -43,6 +43,11 @@ dependencies {
         exclude( module: 'icu4j')
         exclude( module: 'jcl-over-slf4j')
     }
+    // bump version brought by com.xebialabs.overthere, which is affected by CVE-2018-1000613
+    pluginLibs ("org.bouncycastle:bcpkix-jdk15on:1.62") {
+        exclude ( group: "org.bouncycastle", module: "bcprov-jdk15on")
+    }
+
 //    pluginLibs(group: 'org.slf4j', name: 'slf4j-simple', version: '1.6.3')
     pluginLibs(group: 'org.slf4j', name: 'slf4j-nop', version: '1.6.3')
 
@@ -72,7 +77,7 @@ jar {
                 'Rundeck-Plugin-Version': rundeckPluginVersion,
                 'Rundeck-Plugin-Archive': 'true',
                 'Rundeck-Plugin-Classnames': pluginClassNames,
-                'Rundeck-Plugin-Libs': "${libList}", 
+                'Rundeck-Plugin-Libs': "${libList}",
                 'Rundeck-Plugin-Name' : 'Rundeck WinRM',
                 'Rundeck-Plugin-Description' : 'Rundeck Node Executor and File Copier plugins that uses WinRM to connect to Windows and execute commands. It uses the OverThere Library to provide the WinRM implementation, and uses Basic authentication over HTTPS.',
                 'Rundeck-Plugin-Rundeck-Compatibility-Version': '2.3.2+',