Skip to content

Jackson Release 2.8.9

Jump to bottom
Tatu Saloranta edited this page Jun 2, 2017 · 15 revisions

Patch version of 2.8, not yet released. Following fixes are included.

Changes, core

Streaming

  • #382: ArrayIndexOutOfBoundsException from UTF32Reader.read on invalid input

Databind

  • #1585: Invoke ServiceLoader.load() inside of a privileged block when loading modules using ObjectMapper.findModules()
  • #1595: JsonIgnoreProperties.allowSetters is not working in Jackson 2.8
  • #1597: Escape JSONP breaking characters
  • #1599: Jackson Deserializer security vulnerability with default typing
  • #1607: @JsonIdentityReference not used when setup on class only
  • #1629: FromStringDeserializer ignores registered DeserializationProblemHandler for java.util.UUID

Changes, dataformats

Protobuf
  • #72: parser fails with /* comment */
  • #85: _decode32Bits() bug in ProtobufParser
XML
  • #228: XmlReadContext should hold current value
  • #233: XmlMapper.copy() doesn't properly copy internal configurations

Changes, other

Jackson jr

  • #50: Duplicate key detection does not work
Clone this wiki locally