Skip to content

4.9.3
Compare
Choose a tag to compare
@acogoluegnes acogoluegnes released this 18 Jan 08:43
v4.9.3
cfe5c23

Changes between 4.9.2 and 4.9.3

This is a patch release with an optional dependency bump to address a vulnerability. All users of the 4.x.x series are encouraged to upgrade to this version.

The optional dependency affected by the vulnerability is Jackson. The Java client uses this library as a pluggable mapping solution in the JSON RPC support. In the context of the Java client, you are affected by this vulnerability only if you added explicitly Jackson to your dependencies. You must then upgrade Jackson to 2.9.8.

Bump Jackson to 2.9.8

GitHub issue: #439

Assets 2