- Release Type: Vulnerability Maintenance Release
- Date of Shipment: 2018-10-23
- This release brings bug-fixes for vulnerabilities of Jackson >= 2.9.0 and < 2.9.5 that ships with JobScheduler releases 1.12 to 1.12.6. We recommend that users of JobScheduler 1.12 install this release. This is a maintenance release based on Release 1.12.7.
- See https://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2018-7489 and https://github.com/sos-berlin/all/network/alert/pom.xml/com.fasterxml.jackson.core:jackson-databind/open
- This release exclusively applies to JOC Cockpit - JobScheduler Master and YADE are not affected by the vulnerabilities.
- See complete Release 1.12.7
|Key||T||Sub-Tasks||Linked Issues||Fix Version/s||P||Summary||Status||Resolution||cve-id|
|JOC-588||1.12.7||Update Jackson version to >= 2.9.5 due to vulnerability issue in Jackson (CVE-2018-7489)||Released||Fixed||CVE-2018-7489|