Security fix release 4.1.2

10 views
Skip to first unread message

Jakub Białek

unread,
Jan 15, 2019, 6:43:33 AM1/15/19
to simple-sprin...@googlegroups.com
Hi,

I've released SSM 4.1.2 with updated jackson dependency to 2.9.8 due to security issue: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000873.

The release should be soon available in central maven repository.

Best regards,
-- Ragnor

Jakub Białek

unread,
Jan 15, 2019, 6:50:27 AM1/15/19
to simple-sprin...@googlegroups.com
One more information important if you use custom jackson serialization with type info. It seams that it has change a little bit between 2.8.x and 2.9.x. 

Best regards,
-- Ragnor

--
You received this message because you are subscribed to the Google Groups "simple-spring-memecached" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simple-spring-meme...@googlegroups.com.
To post to this group, send email to simple-sprin...@googlegroups.com.
Visit this group at https://groups.google.com/group/simple-spring-memecached.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages