Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-14104

Bump Jackson to 2.10.1

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      Our current Jackson version (2.9.8) is vulnerable for at least this CVE:
      https://nvd.nist.gov/vuln/detail/CVE-2019-14379

      Bumping to 2.9.9.3 should solve it.
      See https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            nkruber Nico Kruber
            nkruber Nico Kruber
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h 20m
                2h 20m

                Slack

                  Issue deployment