[jira] [Closed] (TINKERPOP-2223) Update jackson databind to 2.9.9

stephen mallette (JIRA) Wed, 05 Jun 2019 04:44:43 -0700


     [ 
https://issues.apache.org/jira/browse/TINKERPOP-2223?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


stephen mallette closed TINKERPOP-2223.
---------------------------------------
       Resolution: Done
    Fix Version/s: 3.4.3
                   3.3.8

Updated via CTR 
https://github.com/apache/tinkerpop/commit/7c207e5f49aa0761e561cbb0bc7ff42c54984a7b

> Update jackson databind to 2.9.9
> --------------------------------
>
>                 Key: TINKERPOP-2223
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2223
>             Project: TinkerPop
>          Issue Type: Improvement
>          Components: io
>    Affects Versions: 3.3.6, 3.4.1
>            Reporter: Robert Dale
>            Assignee: stephen mallette
>            Priority: Minor
>             Fix For: 3.3.8, 3.4.3
>
>
> https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736
> Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.9.9 or 
> higher.
> Security vulnerability is specific to having mysql jars on the classpath. 
> Does not affect us directly.  Low priority, let's put it on the roadmap.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Closed] (TINKERPOP-2223) Update jackson databind to 2.9.9

Reply via email to