All, On the user list, Fred Kurz let us know that there's now a fix for CVE-2022-42003 (jackson-databind). Once we upgrade, should we work towards a release over the next few days? Given the changes since 2.5.0, I'm inclined to 2.6.0. Any objections? Thank you!
Best,
Tim
