olingo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OLINGO-1295) jackson upgrade odata-server and odata-client
Date Tue, 25 Sep 2018 17:12:00 GMT

    [ https://issues.apache.org/jira/browse/OLINGO-1295?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16627661#comment-16627661
] 

Michael commented on OLINGO-1295:
---------------------------------

Information I have is that jackson-core < 2.8.6 is vulnerable to Denial of Service (DoS).

> jackson upgrade odata-server and odata-client
> ---------------------------------------------
>
>                 Key: OLINGO-1295
>                 URL: https://issues.apache.org/jira/browse/OLINGO-1295
>             Project: Olingo
>          Issue Type: Improvement
>          Components: odata2-core, odata4-client
>    Affects Versions: (Java) V4 4.5.0
>            Reporter: Michael
>            Priority: Minor
>
> Upgrade Upgrade jackson core, databind, annotations, dataformat-xml, jaxrs-json-provider.
> [https://github.com/apache/olingo-odata4/blob/003f0f4ffa07cbbc7500c1bece37a41813eb670e/pom.xml#L86]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message