Bump Jackson to 2.9.9.1

acogoluegnes · acogoluegnes · commit ec03c6d48c26 · 2019-07-23T15:33:31.000+02:00
To address https://nvd.nist.gov/vuln/detail/CVE-2019-12814. Jackson is an optional dependency, necessary only when using JSON RPC. (cherry picked from commit ebddf5b)
diff --git a/pom.xml b/pom.xml
@@ -57,7 +57,7 @@
     <slf4j.version>1.7.26</slf4j.version>
     <metrics.version>4.1.0</metrics.version>
     <micrometer.version>1.2.0</micrometer.version>
-    <jackson.version>2.9.9</jackson.version>
+    <jackson.version>2.9.9.1</jackson.version>
     <logback.version>1.2.3</logback.version>
     <junit.version>4.12</junit.version>
     <awaitility.version>3.1.6</awaitility.version>
