From 6e1634a633ce023ce6fd18f78826294c5a05aa23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Mathieu?= <loikeseke@gmail.com>
Date: Wed, 23 Oct 2019 11:17:38 +0200
Subject: [PATCH] fix: jackson-databind CVEs

CVE-2019-16942, CVE-2019-16943, CVE-2019-17531
---
 bom/runtime/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bom/runtime/pom.xml b/bom/runtime/pom.xml
index 0ab404fab9211..ea5b5f97a07b9 100644
--- a/bom/runtime/pom.xml
+++ b/bom/runtime/pom.xml
@@ -68,7 +68,7 @@
            is not available in Maven fast enough: -->
         <graal-sdk.version>19.2.0.1</graal-sdk.version>
         <gizmo.version>1.0.0.Alpha8</gizmo.version>
-        <jackson.version>2.9.10</jackson.version>
+        <jackson.version>2.9.10.20191020</jackson.version>
         <commons-logging-jboss-logging.version>1.0.0.Final</commons-logging-jboss-logging.version>
         <commons-lang3.version>3.8.1</commons-lang3.version>
         <commons-codec.version>1.11</commons-codec.version>