Any updates on fixing the jackson-databind CVE? thx #4125
SteveS7777
started this conversation in
General
Replies: 1 comment 1 reply
-
|
I guess it's just a matter of updating the relevant dependencies. If we need to upgrade to a newer bug fix version then that should be fine, if it's a minor or major version we have to do IP due diligence. Would you be interested in creating an issue and contributing a PR? |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
we did do that and rebuilt it from source on our side. Not sure if we can do the PR. I wil check. thank you |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Any updates on fixing the jackson-databind CVE?
Beta Was this translation helpful? Give feedback.
All reactions