From acd250eb0dd7e552fcf2c5676de9ab6e0818943f Mon Sep 17 00:00:00 2001
From: chi-chi weng <949409306@qq.com>
Date: Wed, 20 May 2020 18:34:21 +0800
Subject: [PATCH] Jackson has a serious security problem in 2.9.5, which will
 cause RCE

https://github.com/FasterXML/jackson-databind/issues/2295
---
 third_party/jackson/include.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/third_party/jackson/include.mk b/third_party/jackson/include.mk
index d6e77b5957..dac82ab238 100644
--- a/third_party/jackson/include.mk
+++ b/third_party/jackson/include.mk
@@ -13,7 +13,7 @@
 # You should have received a copy of the GNU Lesser General Public License
 # along with this library.  If not, see <http://www.gnu.org/licenses/>.
 
-JACKSON_VERSION := 2.9.5
+JACKSON_VERSION := 2.9.10.3
 
 JACKSON_ANNOTATIONS_VERSION = $(JACKSON_VERSION)
 JACKSON_ANNOTATIONS := third_party/jackson/jackson-annotations-$(JACKSON_ANNOTATIONS_VERSION).jar