-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Jackson Release 2.8.9
Tatu Saloranta edited this page Apr 18, 2017
·
15 revisions
Patch version of 2.8, not yet released. Following fixes are included.
-
#1585: Invoke ServiceLoader.load() inside of a privileged block when loading modules using
ObjectMapper.findModules()
- #1599: Jackson Deserializer security vulnerability with default typing
-
#1607:
@JsonIdentityReference
not used when setup on class only
- #72: parser fails with /* comment */
- #50: Duplicate key detection does not work