From 89fa2b249d5917c69f6ec9432dee45f14789cb04 Mon Sep 17 00:00:00 2001
From: David Byron <82477955+dbyron-sf@users.noreply.github.com>
Date: Tue, 14 Jun 2022 09:57:10 -0700
Subject: [PATCH] chore(dependencies): fix CVE-2020-36518 by upgrading
 com.fasterxml.jackson:jackson-bom to 2.12.6.20220326 (#966)

see https://github.com/FasterXML/jackson-databind/issues/2816
---
 spinnaker-dependencies/spinnaker-dependencies.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spinnaker-dependencies/spinnaker-dependencies.gradle b/spinnaker-dependencies/spinnaker-dependencies.gradle
index cad9ec82e..e09c4713b 100644
--- a/spinnaker-dependencies/spinnaker-dependencies.gradle
+++ b/spinnaker-dependencies/spinnaker-dependencies.gradle
@@ -55,7 +55,7 @@ dependencies {
   // this project and need to configure gradle plugins etc.
   api(platform("org.jetbrains.kotlin:kotlin-bom:$kotlinVersion"))
   api(platform("org.junit:junit-bom:5.6.3"))
-  api(platform("com.fasterxml.jackson:jackson-bom:2.12.6"))
+  api(platform("com.fasterxml.jackson:jackson-bom:2.12.6.20220326"))
   api(platform("io.zipkin.brave:brave-bom:${versions.brave}"))
   api(platform("org.springframework.boot:spring-boot-dependencies:${versions.springBoot}"))
   api(platform("com.amazonaws:aws-java-sdk-bom:${versions.aws}"))