[jira] [Commented] (WW-5038) Upgrade jackson-databind to version 2.9.9.3

Hudson (Jira) Sat, 07 Sep 2019 00:20:33 -0700


    [ 
https://issues.apache.org/jira/browse/WW-5038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16924758#comment-16924758
 ]


Hudson commented on WW-5038:
----------------------------

SUCCESS: Integrated in Jenkins build Struts-master-JDK8 #262 (See 
[https://builds.apache.org/job/Struts-master-JDK8/262/])
WW-5038 Upgrades jackson-databind to version 2.9.9.3 plus upgrades 
(lukaszlenart: rev 8187006c31f1ebdc80f4090a2e1f05c8bdc223f7)
* (edit) pom.xml


> Upgrade jackson-databind to version 2.9.9.3
> -------------------------------------------
>
>                 Key: WW-5038
>                 URL: https://issues.apache.org/jira/browse/WW-5038
>             Project: Struts 2
>          Issue Type: Dependency
>          Components: Plugin - REST
>            Reporter: Lukasz Lenart
>            Priority: Minor
>             Fix For: 2.5.21, 2.6
>
>
> One or more dependencies were identified with known vulnerabilities in Struts 
> 2 REST Plugin:
> jackson-databind-2.9.8.jar (cpe:/a:fasterxml:jackson:2.9.8, 
> cpe:/a:fasterxml:jackson-databind:2.9.8, 
> com.fasterxml.jackson.core:jackson-databind:2.9.8) : CVE-2019-14379, 
> CVE-2019-12814, CVE-2019-14439, CVE-2019-12086, CVE-2019-12384



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

[jira] [Commented] (WW-5038) Upgrade jackson-databind to version 2.9.9.3

Reply via email to