Update CVE id for #1599 in 2.8 release notes

FasterXML · Apr 26, 2020 · ff427dd · ff427dd
1 parent 7a5f3f9
commit ff427dd
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/release-notes/VERSION b/release-notes/VERSION
@@ -116,7 +116,7 @@ Project: jackson-databind
 #1585: Invoke ServiceLoader.load() inside of a privileged block when loading
   modules using `ObjectMapper.findModules()`
  (contributed by Ivo S)
-#1599: Jackson Deserializer security vulnerability
+#1599: Jackson Deserializer security vulnerability (CVE-2017-7525)
  (reported by ayound@github)
 #1607: @JsonIdentityReference not used when setup on class only
  (reported by vboulaye@github)