Jackson databind vulnerability

[ch0an]

It appears as though this project uses a pinned version of jackson that is vulnerable to CVE-2017-7525 ( FasterXML/jackson-databind#1723 ). Was curious if there were any plans to upgrade this?