[jboss-jira] [JBoss JIRA] (WFCORE-4864) Bump the jackson databind test dep to 2.10.1 or 2.9.10.3
Brian Stansberry (Jira)
issues at jboss.org
Wed Mar 4 20:33:54 EST 2020
Brian Stansberry created WFCORE-4864:
----------------------------------------
Summary: Bump the jackson databind test dep to 2.10.1 or 2.9.10.3
Key: WFCORE-4864
URL: https://issues.redhat.com/browse/WFCORE-4864
Project: WildFly Core
Issue Type: Component Upgrade
Components: Security, Test Suite
Reporter: Brian Stansberry
Assignee: Brian Stansberry
Address https://github.com/advisories/GHSA-gww7-p5w4-wrfv and https://github.com/advisories/GHSA-4w82-r329-3q67
This is just a test dep but might as well clear these.
Full WildFly uses 2.10.1 so that's preferred. But if the test fixture that uses databind doesn't work with that, go for 2.9.10.3.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list