[jira] [Commented] (OLINGO-1295) jackson upgrade odata-server and odata-client

Michael (JIRA) Tue, 25 Sep 2018 10:12:41 -0700


    [ 
https://issues.apache.org/jira/browse/OLINGO-1295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16627661#comment-16627661
 ]


Michael commented on OLINGO-1295:
---------------------------------

Information I have is that jackson-core < 2.8.6 is vulnerable to Denial of 
Service (DoS).

> jackson upgrade odata-server and odata-client
> ---------------------------------------------
>
>                 Key: OLINGO-1295
>                 URL: https://issues.apache.org/jira/browse/OLINGO-1295
>             Project: Olingo
>          Issue Type: Improvement
>          Components: odata2-core, odata4-client
>    Affects Versions: (Java) V4 4.5.0
>            Reporter: Michael
>            Priority: Minor
>
> Upgrade Upgrade jackson core, databind, annotations, dataformat-xml, 
> jaxrs-json-provider.
> [https://github.com/apache/olingo-odata4/blob/003f0f4ffa07cbbc7500c1bece37a41813eb670e/pom.xml#L86]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (OLINGO-1295) jackson upgrade odata-server and odata-client

Reply via email to