Created by: muffato
See https://github.com/Ensembl/ensembl-hive/network/alert/wrappers/java/pom.xml/com.fasterxml.jackson.core:jackson-databind/open and https://nvd.nist.gov/vuln/detail/CVE-2019-12814 for a description of the vulnerability. I'm not aware of anyone using Java and eHive (I'm only aware of plans to do so) but I thought. Let's patch this and make GitHub happy.
Just bumped to 126.96.36.199. I don't want to define to an open interval as this is version/2.5, which shouldn't get any significant changes, and upstream may break the interface in a 3.* version.
188.8.131.52 seems compatible, so I can't see any drawbacks
Have you added/modified unit tests to test the changes?
Nothing to change.
Have you run the entire test suite and no regression was detected?