[HADOOP-15994] Upgrade Jackson2 to 2.9.8 - ASF JIRA

Log work

Agile Board

Rank to Top

Rank to Bottom

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Move

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.3.0, 3.2.1
Component/s: security
Labels:
None

Hadoop Flags:

Reviewed

Description

Now Jackson 2.9.5 is used and it is vulnerable (CVE-2018-11307). Let's upgrade to the latest version.

Attachments

HADOOP-15994-001.patch
10/Dec/18 10:28
0.6 kB
lqjacklee
HADOOP-15994-002.patch
11/Dec/18 05:12
0.6 kB
lqjacklee
HADOOP-15994-003.patch
11/Dec/18 09:55
0.6 kB
lqjacklee
460.patch
11/Jan/19 01:57
1 kB
Akira Ajisaka

Add Link

Issue Links

is duplicated by

HADOOP-16198 Upgrade Jackson-databind version to 2.9.8

Resolved

Delete this link

relates to

HADOOP-9991 Fix up Hadoop POMs, roll up JARs to latest versions

Open

Delete this link

HADOOP-15482 Upgrade jackson-databind to version 2.9.5

Resolved

Delete this link

Activity

Comment

$i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users

Cancel

People

Assignee:

lqjacklee Assign to me

Reporter:

Akira Ajisaka

Votes:

0 Vote for this issue

Watchers:

6 Start watching this issue

Dates

Created:

10/Dec/18 09:12

Updated:

18/Mar/19 18:03

Resolved:

12/Jan/19 06:58

Agile

View on Board

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Issue deployment