From 3b0ba364a56ebd89cc4d2c237e642be751f83a14 Mon Sep 17 00:00:00 2001
From: Marco Schmidt
Date: Wed, 9 Oct 2019 23:12:23 +0200
Subject: [PATCH] fix CVE-2019-16942, CVE-2019-16943 by upgrading dependency jackson-databind/ to 2.10.0 https://github.com/FasterXML/jackson-databind/issues/2478
---
 build.gradle | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/build.gradle b/build.gradle
index 96415c5..c8e8f4a 100644
--- a/build.gradle
+++ b/build.gradle
@@ -62,8 +62,8 @@ tasks.withType(JavaCompile) {
 configurations.all {
 resolutionStrategy.eachDependency { DependencyResolveDetails details ->
 if (details.requested.group == 'com.fasterxml.jackson.core' && details.requested.name == 'jackson-databind') {
- details.useVersion '2.9.10'
- details.because 'CVE-2019-16335, CVE-2019-14540'
+ details.useVersion '2.10.0'
+ details.because 'CVE-2019-16942, CVE-2019-16943'
 }
 if (details.requested.group == 'commons-beanutils' && details.requested.name == 'commons-beanutils') {
 details.useVersion '1.9.4'
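Review bot: The new `details.because` string replaces the earlier rationale instead of extending it, so the recorded reason for the pin no longer mentions CVE-2019-16335 and CVE-2019-14540; I would keep the history with `details.because 'CVE-2019-16335, CVE-2019-14540, CVE-2019-16942, CVE-2019-16943'`. The rule matches only `jackson-databind`, and `useVersion` forces exactly 2.10.0. Other Jackson modules in the graph may therefore stay on 2.9.x beside a 2.10 databind, and a later transitive request for a newer, patched databind would presumably be held back to 2.10.0 until this line is edited again. It is worth confirming with `gradle dependencyInsight --dependency jackson-databind` that the Jackson artifacts resolve to one consistent release line, and adding a short comment that this pin has to be revisited with each new databind advisory. The `configurations.all` block continues past the end of the hunk.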