From: RehanRaza <muhammad.rehan.raza@est.tech>
Date: Wed, 27 Jan 2021 15:09:19 +0000 (+0100)
Subject: Upgrade jackson version in dependencies-bom
X-Git-Tag: 2.1.1~6
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=aa7c2484c692878d24753fe462069e94f6c3291b;p=ccsdk%2Fparent.git

Upgrade jackson version in dependencies-bom

Upgrade jackson to 2.11.4, the same version used by springboot 2.3.8.RELEASE which is the version currently used in ccsdk/parent's springboot pom.
This is intended to fix the following security vulnerability:

Component(displayName=com.fasterxml.jackson.core : jackson-databind : 2.10.1, hash=18eee15ffc662d27538d) [
Constraint(Critical security vulnerability)
[Security Vulnerability Severity >= 7 because: Found security vulnerability CVE-2020-25649 with severity >= 7 (severity = 7.5)] ]]

Change-Id: I0d1727296ac3c3227e5e5666a796b08a63a61aaa
Issue-ID: CCSDK-3108
Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>
---

diff --git a/dependencies-bom/pom.xml b/dependencies-bom/pom.xml
index 48be278c..b084817f 100644
--- a/dependencies-bom/pom.xml
+++ b/dependencies-bom/pom.xml
@@ -44,7 +44,7 @@
             <dependency>
                 <groupId>com.fasterxml.jackson</groupId>
                 <artifactId>jackson-bom</artifactId>
-                <version>2.10.1</version>
+                <version>2.11.4</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>