[jira] [Resolved] (JENA-1696) Update jsonld-java and its Jackson dependencies

Andy Seaborne (JIRA) Fri, 29 Mar 2019 03:21:07 -0700


     [ 
https://issues.apache.org/jira/browse/JENA-1696?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Andy Seaborne resolved JENA-1696.
---------------------------------
    Resolution: Fixed

> Update jsonld-java and its Jackson dependencies
> -----------------------------------------------
>
>                 Key: JENA-1696
>                 URL: https://issues.apache.org/jira/browse/JENA-1696
>             Project: Apache Jena
>          Issue Type: Task
>    Affects Versions: Jena 3.10.0
>            Reporter: Andy Seaborne
>            Assignee: Andy Seaborne
>            Priority: Major
>             Fix For: Jena 3.11.0
>
>          Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> Jackson databind has been a source security CVE issues.
> While jsonld-java does not appear to depend on the attacked feature 
> (polymorphic binding), the presense of jackson jars with CVEs cause alters 
> from security scanning tools.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (JENA-1696) Update jsonld-java and its Jackson dependencies

Reply via email to