Exclude Neko-HtmlUnit from AntiSamy so we can use latest version.

kwwall · kwwall · commit d65b91e3e6a4 · 2022-04-24T09:58:38.000-04:00
diff --git a/pom.xml b/pom.xml
@@ -254,6 +254,28 @@
             <groupId>org.owasp.antisamy</groupId>
             <artifactId>antisamy</artifactId>
             <version>1.6.7</version>
+            <exclusions>
+                <!-- Exclude this so we can grab version 2.61.0, which has a
+                     new DoS CVE fixed.
+                  -->
+                <exclusion>
+                    <groupId>net.sourceforge.htmlunit</groupId>
+                    <artifactId>neko-htmlunit</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>net.sourceforge.htmlunit</groupId>
+            <artifactId>neko-htmlunit</artifactId>
+                <!-- This version fixes latest CVE in Neko-HtmlUnit. -->
+            <version>2.61.0</version>
+            <exclusions>
+                <!-- excluded because this conflicts with the version imported by AntiSamy -->
+                <exclusion>
+                    <groupId>xerces</groupId>
+                    <artifactId>xercesImpl</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
