Andy Seaborne created JENA-1696:
-----------------------------------
Summary: Update jsonld-java and its Jackson dependencies
Key: JENA-1696
URL: https://issues.apache.org/jira/browse/JENA-1696
Project: Apache Jena
Issue Type: Task
Affects Versions: Jena 3.10.0
Reporter: Andy Seaborne
Assignee: Andy Seaborne
Fix For: Jena 3.11.0
Jackson databind has been a source security CVE issues.
While jsonld-java does not appear to depend on the attacked feature
(polymorphic binding), the presense of jackson jars with CVEs cause alters from
security scanning tools.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
