On Thu, Jan 2, 2020 at 4:37 PM Radek Kraus <[email protected]> wrote:
> Hello, > is there a plan to release jackson-databind:2.9.10.2? > Release, which fixed CVE vulnerabilities ( > https://github.com/FasterXML/jackson-databind/issues/2526) > > Yeah -- I have been waiting to see if there are any other fixes, but might as well go ahead and release it now, followed soon by 2.10.2. Latter will hopefully allow others who are stuck with 2.9 to upgrade, and get out of CVE-update-cycle. -+ Tatu +- -- You received this message because you are subscribed to the Google Groups "jackson-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jackson-user/CAGrxA242m7SLVxXcB1fYddkx5tNdfFquSB1KDrnrFH6TS2wDuw%40mail.gmail.com.
