Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Update Jackson dependencies to the latest version #557

Merged
merged 1 commit into from
May 28, 2019
Merged

chore: Update Jackson dependencies to the latest version #557

merged 1 commit into from
May 28, 2019

Conversation

wkurniawan07
Copy link
Contributor

@wkurniawan07 wkurniawan07 commented Feb 6, 2019
edited
Loading

Greetings,

The Jackson dependencies used by this project are version 2.9.5, which are prone to multiple CVE-registered vulnerabilities (https://www.cvedetails.com/vulnerability-list/vendor_id-15866/Fasterxml.html).

Upgrading to 2.9.9 should solve those issues, although I'm afraid I'm in no position to ascertain that.

@thinkingserious thinkingserious added the status: code review request requesting a community code review or review from Twilio label Feb 6, 2019
@SendGridDX
Copy link
Collaborator

SendGridDX commented Feb 6, 2019
edited
Loading

CLA assistant check
All committers have signed the CLA.

@wkurniawan07 wkurniawan07 force-pushed the jackson-version branch 2 times, most recently from 9b8d5d1 to 621fd54 Compare February 6, 2019 17:28
@thinkingserious thinkingserious mentioned this pull request May 22, 2019
Closed
@nielvalr
Copy link

This PR upgrades the jackson dependency to 2.9.8. To fix #571 it needs to be further upgraded to 2.9.9

@wkurniawan07
Copy link
Contributor Author

This PR was created long ago whereby 2.9.8 was the latest. Will update.

@thinkingserious thinkingserious merged commit d8267bf into sendgrid:master May 28, 2019
@thinkingserious
Copy link
Contributor

Hello @wkurniawan07,

Thanks again for the PR!

We want to show our appreciation by sending you some swag. Could you please fill out this form so we can send it to you? Thanks!

Team SendGrid DX

@eshanholtz eshanholtz changed the title Update Jackson dependencies to the latest version chore: Update Jackson dependencies to the latest version Jan 31, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status: code review request requesting a community code review or review from Twilio
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@wkurniawan07 @SendGridDX @nielvalr @thinkingserious