connect2id / OAuth 2.0 SDK with OpenID Connect extensions / issues / #357 - Bump json-smart to 2.4.2 for 8.x — Bitbucket

Issue #357 resolved

Vladimir Kryukov created an issue 2021-04-07

Hi guys,

Since #233 is probably will be handled only in 10.x & the vulnerability was fixed by json-smart maintainer - I think it’s good idea to backport the bump of the library to 8.x branch as well (because spring-security, for example, uses 8.x branch).

Br.
Vladimir

Comments (1)

Yavor Vasilev
- changed status to resolved
Backport in version 8.36.2 (2021-04-15)
- 2021-04-15T07:16:20+00:00
Log in to comment

Assignee: –

Type: enhancement

Priority: critical

Status: resolved

Milestone: –

Votes: 1

Watchers: 2

Jira: the preferred issue tracker for Bitbucket. Join the team!