Details
Description
Now Jackson 2.9.5 is used and it is vulnerable (CVE-2018-11307). Let's upgrade to the latest version.
Attachments
Attachments
Issue Links
- is duplicated by
-
HADOOP-16198 Upgrade Jackson-databind version to 2.9.8
- Resolved
- relates to
-
HADOOP-9991 Fix up Hadoop POMs, roll up JARs to latest versions
- Open
-
HADOOP-15482 Upgrade jackson-databind to version 2.9.5
- Resolved