Great. Thank you very much. Radek Kraus.
On Friday, January 3, 2020 at 2:17:09 AM UTC+1, Tatu Saloranta wrote: > > Version 2.9.10.2 of `jackson-databind` now released, on its way to Maven > Central. > I also released matching `jackson-bom` with version `2.9.10.20200103`. > > -+ Tatu +- > > On Thu, Jan 2, 2020 at 4:51 PM Tatu Saloranta <[email protected] > <javascript:>> wrote: > >> On Thu, Jan 2, 2020 at 4:37 PM Radek Kraus <[email protected] >> <javascript:>> wrote: >> >>> Hello, >>> is there a plan to release jackson-databind:2.9.10.2? >>> Release, which fixed CVE vulnerabilities ( >>> https://github.com/FasterXML/jackson-databind/issues/2526) >>> >>> >> Yeah -- I have been waiting to see if there are any other fixes, but >> might as well go ahead and release it now, followed soon by 2.10.2. Latter >> will hopefully allow others who are stuck with 2.9 to upgrade, and get out >> of CVE-update-cycle. >> >> -+ Tatu +- >> >> >> > -- You received this message because you are subscribed to the Google Groups "jackson-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jackson-user/f0ca54cc-a014-481f-8f09-2b384a8b13ed%40googlegroups.com.
