Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-41783

Upgrade Jackson Versions in LTI pom.xml

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: CLOSED
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.6, 19.1, 20.0 [Tentative]
    • Fix Version/s: 12.7, 19.3, 20.0 [Tentative]
    • Component/s: Global
    • Labels:
      None
    • 19 status:
      Verified
    • 12 status:
      Resolved
    • 11 status:
      Please Merge
    • Test Plan:
      Hide

      Just test for regressions in LTI and Roster.  In LTI a pretty simple test is to launch the LMS tool and pull down a the lineitems through the API.

      Show
      Just test for regressions in LTI and Roster.  In LTI a pretty simple test is to launch the LMS tool and pull down a the lineitems through the API.

      Description

      This came in from Google: We found a potential security vulnerability in a repository for which you have been granted security alert access.

      @tsugiproject tsugiproject/tsugi-util
      Known high severity security vulnerability detected in com.fasterxml.jackson.core:jackson-databind < 2.8.11 defined in pom.xml.
      pom.xml update suggested: com.fasterxml.jackson.core:jackson-databind ~> 2.8.11.
      Always verify the validity and compatibility of suggestions with your codebase.

      There are no particular steps to reproduce this - it is just upgrading the version of a jar file.  The key is to check for regressions in LTI in particular.

        Gliffy Diagrams

          Attachments

          1. 0908_LTI_Advantage.gif
            0908_LTI_Advantage.gif
            13 kB
          2. 12.7 LTI.gif
            12.7 LTI.gif
            11 kB
          3. 19x LTI.gif
            19x LTI.gif
            31 kB
          4. LTI_Advantage_19x.gif
            LTI_Advantage_19x.gif
            20 kB

            Activity

              People

              • Assignee:
                csev Charles Severance
                Reporter:
                csev Charles Severance
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code