From a620983fb1a7a62a47ddf933723a3bf925e0586e Mon Sep 17 00:00:00 2001
From: Tyler Benson <tyler.benson@datadoghq.com>
Date: Mon, 14 Jan 2019 14:46:59 -0500
Subject: [PATCH] Upgrade jackson to 2.9.8

There is a vulerability in prior versions, per the following CVE: https://nvd.nist.gov/vuln/detail/CVE-2018-1000873
---
 gradle/dependencies.gradle | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
index cea3e45c9f..425c3ed9a0 100644
--- a/gradle/dependencies.gradle
+++ b/gradle/dependencies.gradle
@@ -7,8 +7,7 @@ ext {
 
     slf4j      : "1.7.25",
     guava      : "20.0", // Last version to support Java 7
-    jackson    : "2.6.3", // This is a transitive dependency for the tracer.
-    // Use an old version to not force an upgrade for others using tracer as a dependency.
+    jackson    : "2.9.8", // https://nvd.nist.gov/vuln/detail/CVE-2018-1000873
 
     spock      : "1.2-groovy-$spockGroovyVer",
     groovy     : groovyVer,