[
https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin....
]
Tomaz Cerar commented on WFLY-6713:
-----------------------------------
Also jackson-core 2.8 is still at CR1 release, we should at least wait for GA release
before upgrading.
Currently we are using jackson 2.7.3 which looking at CVE report is not affected.
Upgrade Jackson to 2.8.x due to CVE-2016-3720
---------------------------------------------
Key: WFLY-6713
URL:
https://issues.jboss.org/browse/WFLY-6713
Project: WildFly
Issue Type: Component Upgrade
Components: REST
Reporter: Juergen Zimmermann
Assignee: Stuart Douglas
Jackson 2.7.4 is currently used, but reported at
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)