[jboss-jira] [JBoss JIRA] (WFLY-6713) Upgrade Jackson to 2.8.x due to CVE-2016-3720

Wed Jun 15 09:14:01 EDT 2016

    [ https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13252891#comment-13252891 ] 

Tomaz Cerar commented on WFLY-6713:
-----------------------------------

Problem is in jackson-dataformat-xml project  http://wiki.fasterxml.com/JacksonExtensionXmlDataBinding
Which Wildfly doesn't use.

> Upgrade Jackson to 2.8.x due to CVE-2016-3720
> ---------------------------------------------
>
>                 Key: WFLY-6713
>                 URL: https://issues.jboss.org/browse/WFLY-6713
>             Project: WildFly
>          Issue Type: Bug
>          Components: REST
>            Reporter: Juergen Zimmermann
>            Assignee: Stuart Douglas
>
> Jackson 2.7.4 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720

--
This message was sent by Atlassian JIRA
(v6.4.11#64026)