[
https://issues.apache.org/jira/browse/TINKERPOP-1654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15938242#comment-15938242
]
ASF GitHub Bot commented on TINKERPOP-1654:
-------------------------------------------
Github user robertdale commented on a diff in the pull request:
https://github.com/apache/tinkerpop/pull/579#discussion_r107661176
--- Diff: CHANGELOG.asciidoc ---
@@ -26,6 +26,7 @@
image::https://raw.githubusercontent.com/apache/tinkerpop/master/docs/static/ima
TinkerPop 3.1.7 (Release Date: NOT OFFICIALLY RELEASED YET)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+* Bumped to Jackson 2.7.9.
--- End diff --
Update version to 2.8.7
> Upgrade to jackson-databind 2.8.6+ in gremlin-shaded
> ----------------------------------------------------
>
> Key: TINKERPOP-1654
> URL: https://issues.apache.org/jira/browse/TINKERPOP-1654
> Project: TinkerPop
> Issue Type: Improvement
> Components: io
> Affects Versions: 3.1.6
> Reporter: Andy Tolbert
> Assignee: stephen mallette
> Priority: Critical
>
> Jackson had a vulnerability that was fixed in 2.8.6
> ([FasterXML/jackson-core#322|https://github.com/FasterXML/jackson-core/pull/322]).
> It would be good to upgrade the gremlin-shaded module to depend on a newer
> version.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
