Bump Jackson to 2.9.9.1

[acogoluegnes]

To address https://nvd.nist.gov/vuln/detail/CVE-2019-12814.

Jackson is an optional dependency, necessary only when using JSON RPC.

[acogoluegnes]

Fixed in ebddf5b.