[jboss-jira] [JBoss JIRA] (WFCORE-4864) Bump the jackson databind test dep to 2.10.1

Thursday, 19 March 2020

     [
https://issues.redhat.com/browse/WFCORE-4864?page=com.atlassian.jira.plug...
]

Jeff Mesnil updated WFCORE-4864:
--------------------------------
    Summary: Bump the jackson databind test dep to 2.10.1  (was: Bump the jackson databind
test dep to 2.10.1 or 2.9.10.3)

...
 Bump the jackson databind test dep to 2.10.1
 --------------------------------------------

                 Key: WFCORE-4864
                 URL: https://issues.redhat.com/browse/WFCORE-4864
             Project: WildFly Core
          Issue Type: Component Upgrade
          Components: Security, Test Suite
            Reporter: Brian Stansberry
            Assignee: Brian Stansberry
            Priority: Major
             Fix For: 12.0.0.Beta1

 Address https://github.com/advisories/GHSA-gww7-p5w4-wrfv and
https://github.com/advisories/GHSA-4w82-r329-3q67
 This is just a test dep but might as well clear these.
 Full WildFly uses 2.10.1 so that's preferred. But if the test fixture that uses
databind doesn't work with that, go for 2.9.10.3. 

--
This message was sent by Atlassian Jira
(v7.13.8#713008)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-jira] [JBoss JIRA] (WFCORE-4864) Bump the jackson databind test dep to 2.10.1