Upgrade fasterXML libraries for OS-9
Upgrade fasterXML to version 2.9.5 to address security vulnerability
Wrap calls to treeRead(InputStream) to handle new behavior of null streams
Change-Id: Id199cfacd0cf9e5371dc33de9f1e058c2e72eaa5
diff --git a/lib/BUCK b/lib/BUCK
index e2e9e4a..e0e6262 100644
--- a/lib/BUCK
+++ b/lib/BUCK
@@ -1,4 +1,4 @@
-# ***** This file was auto-generated at Wed, 14 Mar 2018 22:18:57 GMT. Do not edit this file manually. *****
+# ***** This file was auto-generated at Tue, 3 Apr 2018 18:26:05 GMT. Do not edit this file manually. *****
# ***** Use onos-lib-gen *****
pass_thru_pom(
@@ -457,28 +457,28 @@
remote_jar (
name = 'jackson-annotations',
- out = 'jackson-annotations-2.8.8.jar',
- url = 'mvn:com.fasterxml.jackson.core:jackson-annotations:jar:2.8.8',
- sha1 = '1ed81c0e4eb2d261d1da0a3a45bd6b199fb5cf9a',
- maven_coords = 'com.fasterxml.jackson.core:jackson-annotations:2.8.8',
+ out = 'jackson-annotations-2.9.5.jar',
+ url = 'mvn:com.fasterxml.jackson.core:jackson-annotations:jar:2.9.5',
+ sha1 = '9056ec9db21c57d43219a84bb18c129ae51c6a5d',
+ maven_coords = 'com.fasterxml.jackson.core:jackson-annotations:2.9.5',
visibility = [ 'PUBLIC' ],
)
remote_jar (
name = 'jackson-core',
- out = 'jackson-core-2.8.8.jar',
- url = 'mvn:com.fasterxml.jackson.core:jackson-core:jar:2.8.8',
- sha1 = 'd478fb6de45a7c3d2cad07c8ad70c7f0a797a020',
- maven_coords = 'com.fasterxml.jackson.core:jackson-core:2.8.8',
+ out = 'jackson-core-2.9.5.jar',
+ url = 'mvn:com.fasterxml.jackson.core:jackson-core:jar:2.9.5',
+ sha1 = 'a22ac51016944b06fd9ffbc9541c6e7ce5eea117',
+ maven_coords = 'com.fasterxml.jackson.core:jackson-core:2.9.5',
visibility = [ 'PUBLIC' ],
)
remote_jar (
name = 'jackson-databind',
- out = 'jackson-databind-2.8.8.jar',
- url = 'mvn:com.fasterxml.jackson.core:jackson-databind:jar:2.8.8',
- sha1 = 'bf88c7b27e95cbadce4e7c316a56c3efffda8026',
- maven_coords = 'com.fasterxml.jackson.core:jackson-databind:2.8.8',
+ out = 'jackson-databind-2.9.5.jar',
+ url = 'mvn:com.fasterxml.jackson.core:jackson-databind:jar:2.9.5',
+ sha1 = '3490508379d065fe3fcb80042b62f630f7588606',
+ maven_coords = 'com.fasterxml.jackson.core:jackson-databind:2.9.5',
visibility = [ 'PUBLIC' ],
)
diff --git a/lib/deps.json b/lib/deps.json
index 14a0ed2..3b45bf6 100644
--- a/lib/deps.json
+++ b/lib/deps.json
@@ -143,9 +143,9 @@
"retrofit": "mvn:com.squareup.retrofit:retrofit:1.9.0",
"okhttp": "mvn:com.squareup.okhttp:okhttp:2.4.0",
"okio": "mvn:com.squareup.okio:okio:1.4.0",
- "jackson-annotations": "mvn:com.fasterxml.jackson.core:jackson-annotations:2.8.8",
- "jackson-core": "mvn:com.fasterxml.jackson.core:jackson-core:2.8.8",
- "jackson-databind": "mvn:com.fasterxml.jackson.core:jackson-databind:2.8.8",
+ "jackson-annotations": "mvn:com.fasterxml.jackson.core:jackson-annotations:2.9.5",
+ "jackson-core": "mvn:com.fasterxml.jackson.core:jackson-core:2.9.5",
+ "jackson-databind": "mvn:com.fasterxml.jackson.core:jackson-databind:2.9.5",
"javax.annotation-api": "mvn:javax.annotation:javax.annotation-api:1.2",
"javax.inject": "mvn:org.glassfish.hk2.external:javax.inject:2.5.0-b32",
"javax.ws.rs-api": "mvn:javax.ws.rs:javax.ws.rs-api:2.0.1",
diff --git a/lib/pom.xml b/lib/pom.xml
index 236facc..0e343f7 100644
--- a/lib/pom.xml
+++ b/lib/pom.xml
@@ -45,7 +45,7 @@
<karaf.version>3.0.8</karaf.version>
<jersey.version>2.25.1</jersey.version>
<jetty.version>9.2.21.v20170120</jetty.version>
- <jackson.version>2.8.8</jackson.version>
+ <jackson.version>2.9.5</jackson.version>
<slf4j.version>1.7.21</slf4j.version>
<guava.version>22.0</guava.version>
<commons.io.version>2.4</commons.io.version>