mirror of https://github.com/jwtk/jjwt.git
Merge pull request #463 from jwtk/461-jackson-upgrade
Issue 461: upgraded Jackson version to 2.9.9.1. Fixes #461.
This commit is contained in:
commit
41f81570e9
|
@ -5,6 +5,12 @@
|
||||||
This patch release fixes a [memory leak](https://github.com/jwtk/jjwt/issues/392) found in the DEFLATE compression
|
This patch release fixes a [memory leak](https://github.com/jwtk/jjwt/issues/392) found in the DEFLATE compression
|
||||||
codec implementation.
|
codec implementation.
|
||||||
|
|
||||||
|
It also updates the Jackson dependency version to [2.9.9.1](https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9#patches)
|
||||||
|
to address three security vulnerabilities in Jackson:
|
||||||
|
[CVE-2019-12086](https://nvd.nist.gov/vuln/detail/CVE-2019-12086),
|
||||||
|
[CVE-2019-12384](https://nvd.nist.gov/vuln/detail/CVE-2019-12384), and
|
||||||
|
[CVE-2019-12814](https://nvd.nist.gov/vuln/detail/CVE-2019-12814).
|
||||||
|
|
||||||
### 0.10.6
|
### 0.10.6
|
||||||
|
|
||||||
This patch release updates the jackson-databind version to 2.9.8 to address a critical security vulnerability in that
|
This patch release updates the jackson-databind version to 2.9.8 to address a critical security vulnerability in that
|
||||||
|
|
2
pom.xml
2
pom.xml
|
@ -88,7 +88,7 @@
|
||||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||||
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
|
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
|
||||||
|
|
||||||
<jackson.version>2.9.8</jackson.version>
|
<jackson.version>2.9.9.1</jackson.version>
|
||||||
<orgjson.version>20180130</orgjson.version>
|
<orgjson.version>20180130</orgjson.version>
|
||||||
|
|
||||||
<!-- Optional Runtime Dependencies: -->
|
<!-- Optional Runtime Dependencies: -->
|
||||||
|
|
Loading…
Reference in New Issue