As a Product Owner I want that potential vulnerabilities reported by OWASP Dependency Check tool are checked & fixed so that X-Road software is safe to use

[hanhaka]

Affected components: - Affected documentation: - Estimated delivery: Q2 / 2018 External reference: https://jira.csc.fi/browse/PVAYLADEV-1091

Problem Latest scanning result of OWASP Dependency Check tool did show some possible vulnerabilities. Scanning results must go through and see if there are things that are needing actions (for example updating some components to latest sw version) or if the results are false positive.

Acceptance criteria

• Scanning results of OWASP Dependency Check tool are checked through
• False positive cases are marked
• Needed actions to fix actual vulnerabilities are done (f.ex updated outdated components to latest sw version)

[hanhaka]

Fixed in 6.17.0 For more information, see https://github.com/ria-ee/X-Road/pull/78