Merge pull request #577 from devn/devn/upgrade-jackson-for-cves

Upgrade jackson for CVE-2022-42003 and CVE-2022-42004
2025-12-17 08:21:11 +00:00 · 2022-12-18 09:55:58 +02:00 · 2022-12-18 09:55:58 +02:00 · 8654bf3277
commit 8654bf3277
parent b918c5f3ba 7e05f4931e
1 changed files with 2 additions and 2 deletions
--- a/project.clj
+++ b/project.clj
@ -36,8 +36,8 @@
                         [metosin/malli "0.8.2"]

                         ;; https://clojureverse.org/t/depending-on-the-right-versions-of-jackson-libraries/5111
-                         [com.fasterxml.jackson.core/jackson-core "2.13.2"]
-                         [com.fasterxml.jackson.core/jackson-databind "2.13.2.2"]
+                         [com.fasterxml.jackson.core/jackson-core "2.14.1"]
+                         [com.fasterxml.jackson.core/jackson-databind "2.14.1"]

                         [meta-merge "1.0.0"]
                         [fipp "0.6.25" :exclusions [org.clojure/core.rrb-vector]]