Robert Dale created TINKERPOP-2275: -------------------------------------- Summary: Update jackson databind 2.9.9.3+ Key: TINKERPOP-2275 URL: https://issues.apache.org/jira/browse/TINKERPOP-2275 Project: TinkerPop Issue Type: Improvement Components: io Affects Versions: 3.4.2, 3.3.7 Reporter: Robert Dale Assignee: Robert Dale
Fixes more gadget vulnerabilities with ehcache and logback in the classpath. [https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617] Note that the fix is in 2.9.9.2. However, that version broke things. Waiting for 2.9.9.3 to be released. [https://github.com/FasterXML/jackson-databind/issues/2395] TinkerPop is not directly affected hence low priority (let alone that the fix isn't even available). -- This message was sent by Atlassian JIRA (v7.6.14#76016)