subject:"\[jackson\-user\] Backports of CVE\-2017\-7525"

Re: [jackson-user] Backports of CVE-2017-7525

2018-04-06 Thread Tatu Saloranta

On Wed, Apr 4, 2018 at 9:43 PM, 'Michael Yoder' via jackson-user wrote: > On Wed, Apr 4, 2018 at 6:30 PM, Tatu Saloranta wrote: >> >> This sounds like useful for many users. Thank you for sharing! > > > You're welcome. > >> Some thoughts >>

Re: [jackson-user] Backports of CVE-2017-7525

2018-04-04 Thread 'Michael Yoder' via jackson-user

On Wed, Apr 4, 2018 at 6:30 PM, Tatu Saloranta wrote: > This sounds like useful for many users. Thank you for sharing! > You're welcome. Some thoughts > > On 1.x; there is: > > https://github.com/FasterXML/jackson-1 Oh, I didn't realize that. I forked from

Re: [jackson-user] Backports of CVE-2017-7525

2018-04-04 Thread Tatu Saloranta

This sounds like useful for many users. Thank you for sharing! Some thoughts On 1.x; there is: https://github.com/FasterXML/jackson-1 from which it would be nice to still release 1.9.14. But as things are, there is no Maven release process into Nexus that works (1.x uses/used Ant, with

[jackson-user] Backports of CVE-2017-7525

2018-04-04 Thread 'Michael Yoder' via jackson-user

TL;DR: I've backported the fixes for CVE-2017-7525 and related issues to select old / archaic versions. This might be useful to someone else, hence this email. Cloudera (my employer) provides supported versions of lots of open source projects. Most of them use jackson in some form. Most of them

Re: [jackson-user] Backports of CVE-2017-7525

Re: [jackson-user] Backports of CVE-2017-7525

Re: [jackson-user] Backports of CVE-2017-7525

[jackson-user] Backports of CVE-2017-7525

4 matches

Site Navigation

Mail list logo

Footer information