Upgrade Jackson Databind Version
This MR upgrades the Jackson Databind version to address CVE-2020-36518.
Dependency Information After the Upgrade
Branch: upgrade-jackson-databind
SHA: 47b891d4ae80b7abe03c191a9410c83ac9f0412a
Maven: 0.15.0-SNAPSHOT| Maven Dependencies | Root | testing/ |
|---|---|---|
| core-lib-azure | 0.15.2 | |
| core-lib-gcp | 0.15.0, 0.10.0 | 0.3.25 |
| os-core-lib-aws | 0.15.0 | 0.15.0 |
| obm | 0.15.0 | |
| oqm | 0.15.0 | |
| os-core-common | 0.15.0 | 0.15.0, 0.3.18 |
| os-core-lib-ibm | 0.15.1 | 0.15.1 |
| osm | 0.15.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.13.2.2 | 2.13.2.2, 2.9.9.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.13.3, 2.11.1 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.13.3, 2.11.2 |