Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-2401

Upgrade Jackson-databind to 2.11.x

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 3.4.8
    • Fix Version/s: 3.5.0, 3.4.9
    • Component/s: build-release
    • Labels:
      None

      Description

      Currently TinkerPop uses 2.9.10.5 version which has known security vulnerabilities.

      As per guidance from Jackson-databind, 2.9.x is a non-active branch. To quote from https://github.com/FasterXML/jackson

      2.9: non-active branch from which micro-patch releases (like 2.9.10.5) MAY be made for individual components (jackson-databind usually)

      Backport 2.11.x from master to 3.4-dev

        Attachments

          Activity

            People

            • Assignee:
              spmallette Stephen Mallette
              Reporter:
              divijvaidya Divij Vaidya
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: