From 2e920df48d071f679dcefd1e6f6c179b4b703bb6 Mon Sep 17 00:00:00 2001
From: Matthew Zavislak <1291596+elevenfive@users.noreply.github.com>
Date: Fri, 26 Jul 2024 10:00:10 -0700
Subject: [PATCH] fix: Pull Jackson update to avoid DoS issue

- com.fasterxml.jackson.core:jackson-core 2.14.2 -> 2.17.2
- https://github.com/FasterXML/jackson-core/issues/861
- Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538] in com.fasterxml.jackson.core:jackson-core@2.14.2
  introduced by com.google.http-client:google-http-client-jackson2@1.44.2 > com.fasterxml.jackson.core:jackson-core@2.14.2
  This issue was fixed in versions: 2.15.0-rc1
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index a73175e30..c6edabede 100644
--- a/pom.xml
+++ b/pom.xml
@@ -597,7 +597,7 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <project.jsr305.version>3.0.2</project.jsr305.version>
     <project.gson.version>2.10.1</project.gson.version>
-    <project.jackson-core2.version>2.14.2</project.jackson-core2.version>
+    <project.jackson-core2.version>2.17.2</project.jackson-core2.version>
     <project.protobuf-java.version>3.21.12</project.protobuf-java.version>
     <project.guava.version>30.1.1-android</project.guava.version>
     <project.xpp3.version>1.1.4c</project.xpp3.version>