Keith Wall created QPID-8159:
--------------------------------

             Summary: [Broker-J] Upgrade Jackson from 2.9.4 to 2.9.5 
(CVE-2018-7489)
                 Key: QPID-8159
                 URL: https://issues.apache.org/jira/browse/QPID-8159
             Project: Qpid
          Issue Type: Improvement
          Components: Broker-J
    Affects Versions: qpid-java-broker-7.1.0
            Reporter: Keith Wall


QPID-8136 upgrade Jackson on master from 2.8.7 to 2.9.4 in response to 
CVE-2017-7525.  However it is now know that the blacklist include in 2.9.4 was 
incomplete.    This is the subject of CVE-2018-7489.




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to