You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jena.apache.org by "Andy Seaborne (JIRA)" <ji...@apache.org> on 2019/07/23 09:21:00 UTC

[jira] [Commented] (JENA-1736) Update Jackson dependency to 2.9.9.1

    [ https://issues.apache.org/jira/browse/JENA-1736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16890822#comment-16890822 ] 

Andy Seaborne commented on JENA-1736:
-------------------------------------

The advised upgrade is not yet available on maven central.

It may be that the emerging "2.10.0" is the correct upgrade.

This core issues does not affect Jena's limited use of Jackson.


> Update Jackson dependency to 2.9.9.1
> ------------------------------------
>
>                 Key: JENA-1736
>                 URL: https://issues.apache.org/jira/browse/JENA-1736
>             Project: Apache Jena
>          Issue Type: Task
>    Affects Versions: Jena 3.12.0
>            Reporter: Andy Seaborne
>            Assignee: Andy Seaborne
>            Priority: Major
>             Fix For: Jena 3.13.0
>
>
> This addresses CVE-2019-12814.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)