From 0b007d65233ead073588cdd318cd25d6bf157591 Mon Sep 17 00:00:00 2001 From: Rundeck CI Date: Wed, 1 Jul 2026 09:51:11 -0700 Subject: [PATCH] RUN-4569 Mitigate Jackson CVE-2026-54512/54513 Bump rundeck-core to 6.1.0-SNAPSHOT, which pulls the patched jackson-databind 2.22.0 transitively and mitigates CVE-2026-54512 / CVE-2026-54513. --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index cd2bd59..728800d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] axionRelease = "1.21.2" groovy = "4.0.32" -rundeckCore = "6.0.0-alpha1-20260407" +rundeckCore = "6.1.0-SNAPSHOT" nexusPublish = "2.0.0" spock = "2.4-groovy-4.0" # Security overrides for transitive dependencies