On Tue, Dec 11, 2018 at 7:04 PM garvit singh <garvit.sin...@gmail.com> wrote: > > Hello, > > jackson-databind-2.6.7.2 > > > does it have fix for > > CVE-2018-7489 > CVE-2017-17485
No; these are Jackson-databind issues #1931 (CVE-2018-7489) and #1855 (CVE-2017-17485), and only included in patches for 2.7(.9.3) and later. -+ Tatu +- > > > -garvit > > -- > You received this message because you are subscribed to the Google Groups > "jackson-user" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to jackson-user+unsubscr...@googlegroups.com. > To post to this group, send email to jackson-user@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "jackson-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to jackson-user+unsubscr...@googlegroups.com. To post to this group, send email to jackson-user@googlegroups.com. For more options, visit https://groups.google.com/d/optout.