summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRehanRaza <muhammad.rehan.raza@est.tech>2021-01-27 16:09:19 +0100
committerDan Timoney <dtimoney@att.com>2021-01-27 19:18:54 +0000
commitaa7c2484c692878d24753fe462069e94f6c3291b (patch)
treea09e2d131723dea1df21693c350f8d277ec439b6
parentb6288f99fbfcc73f115511696f98111ca32b8d2f (diff)
Upgrade jackson version in dependencies-bom
Upgrade jackson to 2.11.4, the same version used by springboot 2.3.8.RELEASE which is the version currently used in ccsdk/parent's springboot pom. This is intended to fix the following security vulnerability: Component(displayName=com.fasterxml.jackson.core : jackson-databind : 2.10.1, hash=18eee15ffc662d27538d) [ Constraint(Critical security vulnerability) [Security Vulnerability Severity >= 7 because: Found security vulnerability CVE-2020-25649 with severity >= 7 (severity = 7.5)] ]] Change-Id: I0d1727296ac3c3227e5e5666a796b08a63a61aaa Issue-ID: CCSDK-3108 Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>
-rw-r--r--dependencies-bom/pom.xml2
1 files changed, 1 insertions, 1 deletions
diff --git a/dependencies-bom/pom.xml b/dependencies-bom/pom.xml
index 48be278c..b084817f 100644
--- a/dependencies-bom/pom.xml
+++ b/dependencies-bom/pom.xml
@@ -44,7 +44,7 @@
<dependency>
<groupId>com.fasterxml.jackson</groupId>
<artifactId>jackson-bom</artifactId>
- <version>2.10.1</version>
+ <version>2.11.4</version>
<type>pom</type>
<scope>import</scope>
</dependency>