Skip to content

Commit a8e006e

Browse files
davemoore-davemoore-
committed
Updated Jackson dependency to resolve security vulnerability CVE-2019-12814.
1 parent a1332ce commit a8e006e

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

pom.xml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,8 @@
1717
<zentity.version>1.3.1-beta1</zentity.version>
1818
<!-- dependency versions -->
1919
<elasticsearch.version>7.2.0</elasticsearch.version>
20-
<jackson.version>2.9.9</jackson.version>
20+
<jackson.core.version>2.9.9</jackson.core.version>
21+
<jackson.databind.version>2.9.9.1</jackson.databind.version>
2122
<jdk.version>1.8</jdk.version>
2223
<log4j.version>2.9.1</log4j.version>
2324
<commons-io.version>2.6</commons-io.version>
@@ -43,13 +44,13 @@
4344
<dependency>
4445
<groupId>com.fasterxml.jackson.core</groupId>
4546
<artifactId>jackson-core</artifactId>
46-
<version>${jackson.version}</version>
47+
<version>${jackson.core.version}</version>
4748
<scope>provided</scope><!-- provided by elasticsearch -->
4849
</dependency>
4950
<dependency>
5051
<groupId>com.fasterxml.jackson.core</groupId>
5152
<artifactId>jackson-databind</artifactId>
52-
<version>${jackson.version}</version>
53+
<version>${jackson.databind.version}</version>
5354
<scope>compile</scope><!-- not provided by elasticsearch -->
5455
</dependency>
5556
<!-- test infrastructure -->

0 commit comments

Comments
 (0)