-
Task
-
Resolution: Done
-
Neutral
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Yes
-
Saigon 147
-
3
According to jackson-databind: the fix of (CVE-2017-7525) is introduced from 2.8.9 . See https://github.com/FasterXML/jackson-databind/issues/1599.
Note: There are some update from jackson related to another CVE issues: https://github.com/FasterXML/jackson-databind/issues?utf8=%E2%9C%93&q=label%3ACVE+. So it will be good if we can use resteasy shipped with newer jackson-databind ( like 2.9.5, 2.8.11.1)
Acceptance criteria
- depends upon
-
MGNLTOMCAT-3 Update Tomcat to 9.0.8
- Closed
- supersedes
-
MGNLREST-112 Lib updates
- Closed