Skip to content

Jackson Release 2.8.9

Jump to bottom
Tatu Saloranta edited this page May 18, 2017 · 15 revisions

Patch version of 2.8, not yet released. Following fixes are included.

Changes, core

Streaming

Databind

  • #1585: Invoke ServiceLoader.load() inside of a privileged block when loading modules using ObjectMapper.findModules()
  • #1595: JsonIgnoreProperties.allowSetters is not working in Jackson 2.8
  • #1599: Jackson Deserializer security vulnerability with default typing
  • #1607: @JsonIdentityReference not used when setup on class only

Changes, dataformats

Protobuf
  • #72: parser fails with /* comment */
  • #85: _decode32Bits() bug in ProtobufParser
XML
  • #228: XmlReadContext should hold current value
  • #233: XmlMapper.copy() doesn't properly copy internal configurations

Changes, other

Jackson jr

  • #50: Duplicate key detection does not work
Clone this wiki locally