Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-41783

Upgrade Jackson Versions in LTI pom.xml

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: CLOSED
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.6, 19.1, 20.0
    • Fix Version/s: 12.7, 19.3, 20.0
    • Component/s: Global
    • Labels:
      None
    • 19 status:
      Verified
    • 12 status:
      Resolved
    • 11 status:
      Please Merge
    • Test Plan:
      Hide

      Just test for regressions in LTI and Roster.  In LTI a pretty simple test is to launch the LMS tool and pull down a the lineitems through the API.

      Show
      Just test for regressions in LTI and Roster.  In LTI a pretty simple test is to launch the LMS tool and pull down a the lineitems through the API.

      Description

      This came in from Google: We found a potential security vulnerability in a repository for which you have been granted security alert access.

      @tsugiproject tsugiproject/tsugi-util
      Known high severity security vulnerability detected in com.fasterxml.jackson.core:jackson-databind < 2.8.11 defined in pom.xml.
      pom.xml update suggested: com.fasterxml.jackson.core:jackson-databind ~> 2.8.11.
      Always verify the validity and compatibility of suggestions with your codebase.

      There are no particular steps to reproduce this - it is just upgrading the version of a jar file.  The key is to check for regressions in LTI in particular.

        Gliffy Diagrams

          Zeplin

            Attachments

            1. 0908_LTI_Advantage.gif
              0908_LTI_Advantage.gif
              13 kB
            2. 12.7 LTI.gif
              12.7 LTI.gif
              11 kB
            3. 19x LTI.gif
              19x LTI.gif
              31 kB
            4. LTI_Advantage_19x.gif
              LTI_Advantage_19x.gif
              20 kB

              Activity

                People

                • Assignee:
                  csev Charles Severance
                  Reporter:
                  csev Charles Severance
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Git Integration