From f8d8618ddaf501cc1f08dd6e1c7feb503f683b80 Mon Sep 17 00:00:00 2001
From: David Xia <dxia@spotify.com>
Date: Tue, 15 Jan 2019 13:31:48 -0500
Subject: [PATCH] Upgrade jackson deps to from 2.9.6 to latest 2.9.8

This patches a vulnerability in jackson-databind

* CVE-2018-19360
* CVE-2018-19362
* CVE-2018-19361
* CVE-2018-14718
* CVE-2018-14721
* CVE-2018-14719
* CVE-2018-14720

Upgrade the other jackson deps to the same latest version for consistency.
---
 pom.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index a87b98a6b..9e1bbdda9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -89,17 +89,17 @@
     <dependency>
       <groupId>com.fasterxml.jackson.jaxrs</groupId>
       <artifactId>jackson-jaxrs-json-provider</artifactId>
-      <version>2.9.6</version>
+      <version>2.9.8</version>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.datatype</groupId>
       <artifactId>jackson-datatype-guava</artifactId>
-      <version>2.9.6</version>
+      <version>2.9.8</version>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
-      <version>2.9.6</version>
+      <version>2.9.8</version>
     </dependency>
     <dependency>
       <groupId>org.glassfish.jersey.core</groupId>