Uploaded image for project: 'Apache Jena'
  1. Apache Jena
  2. JENA-1779

Update Jackson dependency to 2.10.0.

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Jena 3.13.1
    • Jena 3.14.0
    • None
    • None

    Description

      CVE-2019-16942

      Vulnerable versions: < jackson-databind-2.9.10.1
      Patched version: jackson-databind-2.9.10.1

      A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.

      Attachments

        Issue Links

          is related to

          Task - A task that needs to be done. JENA-1762 Update Jackson dependency to 2.9.10 (core and databind)

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #629

          Activity

            People

              andy Andy Seaborne
              andy Andy Seaborne
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h