[AMBARI-25352] Upgrade fasterxml jackson dependency due to CVE - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 3.0.0, 2.7.4
Fix Version/s: 3.0.0, 2.7.4
Component/s: security
Labels:
- pull-request-available

Description

We should upgrade Jackson databind dependencies because of the CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-14379

Attachments

Issue Links

links to

GitHub Pull Request #3066

GitHub Pull Request #3067

Activity

People

Assignee:

Viraj Jasani

Reporter:

Viraj Jasani

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

09/Aug/19 13:57

Updated:

13/Aug/19 18:32

Resolved:

13/Aug/19 18:32

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

1.5h