Merge pull request #1035 from DataDog/tyler/jackson-upgrade

Upgrade Jackson to 2.10.0
2019-10-09 16:59:23 +02:00 · 2019-10-09 16:59:23 +02:00 · 5fecfa3617
parent 7dbad68fe4 a6200f96c3
commit 5fecfa3617
2 changed files with 2 additions and 2 deletions
--- a/dd-java-agent/agent-jmxfetch/agent-jmxfetch.gradle
+++ b/dd-java-agent/agent-jmxfetch/agent-jmxfetch.gradle
@ -4,7 +4,7 @@ plugins {
 apply from: "${rootDir}/gradle/java.gradle"

 dependencies {
-  compile('com.datadoghq:jmxfetch:0.32.0') {
+  compile('com.datadoghq:jmxfetch:0.32.1') {
    exclude group: 'org.slf4j', module: 'slf4j-log4j12'
    exclude group: 'log4j', module: 'log4j'
  }
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@ -9,7 +9,7 @@ ext {
    guava      : "20.0", // Last version to support Java 7

    // When upgrading for security fixes, ensure corresponding change is reflected in jmxfetch.
-    jackson    : "2.9.9.3", // https://nvd.nist.gov/vuln/detail/CVE-2019-14379
+    jackson    : "2.10.0", // https://nvd.nist.gov/vuln/detail/CVE-2019-16942 et al

    spock      : "1.3-groovy-$spockGroovyVer",
    groovy     : groovyVer,