Uploaded image for project: 'Geode'
  1. Geode
  2. GEODE-7255

Need to pick up CVE-2019-16942

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.11.0
    • core
    • None

    Description

      There is a CVE out on Jackson versions before 2.10.0... We need to upgrade to 2.10.0 to get a fix.

      see CVE-2019-16942

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. GEODE-7264 Jackson-databind vulnerabilities

          • Major - Major loss of function.
          • Closed
          relates to

          Sub-task - The sub-task of the issue GEODE-7306 Upgrade Jackson-databind from 2.9.8 to 2.10.0

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. GEODE-7264 Jackson-databind vulnerabilities

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #4102

          Activity

            People

              mhansonp Mark Hanson
              mhansonp Mark Hanson
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h
                  1h