<parent>
<groupId>org.opendaylight.odlparent</groupId>
<artifactId>single-feature-parent</artifactId>
- <version>13.0.3</version>
+ <version>13.1.1</version>
<relativePath>../../single-feature-parent</relativePath>
</parent>
<packaging>kar</packaging>
<properties>
- <pax.jdbc.version>1.5.5</pax.jdbc.version>
+ <pax.jdbc.version>1.5.7</pax.jdbc.version>
</properties>
<dependencies>
<artifactId>pax-jdbc-features</artifactId>
<version>${pax.jdbc.version}</version>
<classifier>features</classifier>
+ <exclusions>
+ <!--
+ Exclude Derby version 10.14.2.0 due to the vulnerability:
+ https://nvd.nist.gov/vuln/detail/CVE-2022-46337
+ for which there are no upstream builds we can use.
+
+ FIXME: ODLPARENT-311: Re-enable this when we require Java 21 runtime and upgrade to Derby 10.17.1.0+
+ -->
+ <exclusion>
+ <groupId>org.ops4j.pax.jdbc</groupId>
+ <artifactId>pax-jdbc-derby</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.ops4j.pax.jdbc</groupId>
+ <artifactId>pax-jdbc-derbyclient</artifactId>
+ </exclusion>
+ </exclusions>
<type>xml</type>
<scope>runtime</scope>
</dependency>