From 31e1385052fb10e152129f958298cdcd9d4783eb Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Oct 03 2019 22:37:18 +0000
Subject: Update to latest upstream release 2.10.0


Fixes: CVE-2019-14540
Fixes: CVE-2019-16335
Fixes: CVE-2019-16942
Fixes: CVE-2019-16943
Resolves: rhbz#1758168
Resolves: rhbz#1758172
Resolves: rhbz#1758183

Signed-off-by: Alexander Scheel <ascheel@redhat.com>

---

diff --git a/jackson-databind.spec b/jackson-databind.spec
index 5486012..a1e37b8 100644
--- a/jackson-databind.spec
+++ b/jackson-databind.spec
@@ -1,5 +1,5 @@
 Name:          jackson-databind
-Version:       2.9.9.3
+Version:       2.10.0
 Release:       1%{?dist}
 Summary:       General data-binding package for Jackson (2.x)
 License:       ASL 2.0 and LGPLv2+
@@ -8,10 +8,9 @@ Source0:       https://github.com/FasterXML/jackson-databind/archive/%{name}-%{v
 
 BuildRequires:  maven-local
 
-# TODO: Revert back to version macro when versions align again.
-BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-annotations) >= 2.9.9
-BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-core) >= 2.9.9
-BuildRequires:  mvn(com.fasterxml.jackson:jackson-base:pom:) >= 2.9.9
+BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-annotations) >= %{version}
+BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-core) >= %{version}
+BuildRequires:  mvn(com.fasterxml.jackson:jackson-base:pom:) >= %{version}
 BuildRequires:  mvn(com.google.code.maven-replacer-plugin:replacer)
 BuildRequires:  mvn(org.apache.felix:maven-bundle-plugin)
 BuildRequires:  mvn(org.powermock:powermock-api-mockito)
@@ -35,8 +34,9 @@ This package contains API documentation for %{name}.
 
 # Remove plugins unnecessary for RPM builds
 %pom_remove_plugin ":maven-enforcer-plugin"
+%pom_remove_plugin "org.jacoco:jacoco-maven-plugin"
+%pom_remove_plugin "org.moditect:moditect-maven-plugin"
 
-cp -p src/main/resources/META-INF/LICENSE .
 cp -p src/main/resources/META-INF/NOTICE .
 sed -i 's/\r//' LICENSE NOTICE
 
@@ -69,6 +69,16 @@ rm src/test/java/com/fasterxml/jackson/databind/ser/jdk/JDKTypeSerializationTest
 %license LICENSE NOTICE
 
 %changelog
+* Thu Oct 3 2019 Alexander Scheel <ascheel@redhat.com> - 2.10.0-1
+- Update to latest upstream release
+- Fixes: CVE-2019-14540
+- Fixes: CVE-2019-16335
+- Fixes: CVE-2019-16942
+- Fixes: CVE-2019-16943
+- Resolves: rhbz#1758168
+- Resolves: rhbz#1758172
+- Resolves: rhbz#1758183
+
 * Thu Sep 12 2019 Alexander Scheel <ascheel@redhat.com> - 2.9.9.3-1
 - Update to latest upstream release; fixes CVE-2019-12384
 
diff --git a/sources b/sources
index c6fb239..516837f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (jackson-databind-2.9.9.3.tar.gz) = 1b5cd44f1ff25379b68a34973cede8a8bec42cb99c432effaf7b625566ba66bf2bdacd6b0e31b53b71e240163d1d7afdaee5b357495834ac7a12182bd284014c
+SHA512 (jackson-databind-2.10.0.tar.gz) = 1053e9418718d6f5f6ffbf4e2ce9880da698aa5910a147b8c729c75f0376863ff6a89a9eae3a03d3ae3f2f5bce3fe2f2cfb57d0db308956921c1b0f5c8139e8e