From 3b153a0ded5053efc2e2841284e90e4793c865c4 Mon Sep 17 00:00:00 2001
From: Evan Sims
Date: Sat, 26 Mar 2022 14:20:55 -0400
Subject: [PATCH 1/2] Security: Bump `jackson-databind` to 2.13.2.1

This PR bumps the `jackson-databind` dependency to 2.13.2.1 to address [CVE-2020-36518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518) in that library
---
 lib/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/build.gradle b/lib/build.gradle
index 55f531b8..3b016b19 100644
--- a/lib/build.gradle
+++ b/lib/build.gradle
@@ -47,7 +47,7 @@ javadoc {
 }

 dependencies {
- implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2'
+ implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2.1'
 testImplementation 'org.bouncycastle:bcprov-jdk15on:1.60'
 testImplementation 'junit:junit:4.12'
 testImplementation 'net.jodah:concurrentunit:0.4.3'

From d923e992b157ea54493ecaa5e35c73c382fff7ff Mon Sep 17 00:00:00 2001
From: Evan Sims
Date: Tue, 29 Mar 2022 14:08:39 -0400
Subject: [PATCH 2/2] Bump to 2.13.2.2

---
 lib/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/build.gradle b/lib/build.gradle
index 3b016b19..fbc88df8 100644
--- a/lib/build.gradle
+++ b/lib/build.gradle
@@ -47,7 +47,7 @@ javadoc {
 }

 dependencies {
- implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2.1'
+ implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2.2'
 testImplementation 'org.bouncycastle:bcprov-jdk15on:1.60'
 testImplementation 'junit:junit:4.12'
 testImplementation 'net.jodah:concurrentunit:0.4.3'