James Muehlner created GUACAMOLE-1594:
-----------------------------------------
Summary: CVE-2020-36518: Update jackson-databind dependency to
2.13.2.1
Key: GUACAMOLE-1594
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1594
Project: Guacamole
Issue Type: Task
Components: guacamole-client
Reporter: James Muehlner
An issue has been identified in the jackson-databind package, which we depend
on: [https://nvd.nist.gov/vuln/detail/CVE-2020-36518,]
This issue has been fixed in version 2.13.2.1:
[https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13]
The version in the webapp should be updated to 2.13.2.1, along with any other
transitive dependencies as needed.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
