Skip to content

Update jackson-databind to 2.9.8 #405

New issue
Jump to bottom
New issue
Jump to bottom
Closed
Closed
Update jackson-databind to 2.9.8#405
Assignees
khmarbaise
Labels
securityPossible security findings
Milestone
 
Release 0.4.0
@msymons

Description

@msymons
msymons
opened on Apr 6, 2019

jackson-databind has already been updated from 2.3.4 to 2.9.6 for the Release 0.3.9 milestone, per #375.

The version should be updated (again) to 2.9.8. This would address multiple threats. From jackson release notes:

java-client-api may or may not have actual exposure to any of these vulnerabilities... but updating will prevent 3rd party analysers giving alerts.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

securityPossible security findings

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions