[CURATOR-481] Remove jackson-mapper-asl-version and update to latest version of jackson - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.3.0
Fix Version/s: 4.2.0
Component/s: General
Labels:
None

Description

There is a vulnerability issue in jackson-mapper-asl-version 1.9.13 and it is no longer supported. The same issue was present in jackson-databind till version 2.7.9.1.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525

We already have a dependency on jackson 2.x. Let's replace jackson-mapper-asl with jackson-databind and update jackson to the latest version.

Attachments

Issue Links

links to

GitHub Pull Request #280

Activity

People

Assignee:: Jordan Zimmerman

Reporter:: Maxim Pudov

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/Oct/18 12:07

Updated:: 30/Jun/23 07:54

Resolved:: 03/Mar/19 19:15

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h