You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "stephen mallette (JIRA)" <ji...@apache.org> on 2019/06/05 11:44:00 UTC
[jira] [Closed] (TINKERPOP-2223) Update jackson databind to 2.9.9
[ https://issues.apache.org/jira/browse/TINKERPOP-2223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
stephen mallette closed TINKERPOP-2223.
---------------------------------------
Resolution: Done
Fix Version/s: 3.4.3
3.3.8
Updated via CTR https://github.com/apache/tinkerpop/commit/7c207e5f49aa0761e561cbb0bc7ff42c54984a7b
> Update jackson databind to 2.9.9
> --------------------------------
>
> Key: TINKERPOP-2223
> URL: https://issues.apache.org/jira/browse/TINKERPOP-2223
> Project: TinkerPop
> Issue Type: Improvement
> Components: io
> Affects Versions: 3.3.6, 3.4.1
> Reporter: Robert Dale
> Assignee: stephen mallette
> Priority: Minor
> Fix For: 3.3.8, 3.4.3
>
>
> https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736
> Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.9.9 or higher.
> Security vulnerability is specific to having mysql jars on the classpath. Does not affect us directly. Low priority, let's put it on the roadmap.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)