[HADOOP-16451] Update jackson-databind to 2.9.9.1 - ASF JIRA

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.3.0, 3.2.2
Component/s: None
Labels:
None

Description

https://nvd.nist.gov/vuln/detail/CVE-2019-12814
CVE-2019-12814 flags 2.9.9 as vulnerable. A new version 2.9.9.1 is available.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-16451.002.patch
24/Jul/19 05:36
2 kB
Siyao Meng
HADOOP-16451.001.patch
23/Jul/19 20:43
2 kB
Siyao Meng

Issue Links

Add Link

depends upon

HADOOP-16365 Upgrade jackson-databind to 2.9.9

Resolved

Delete this link

is related to

HBASE-22722 Upgrade jackson databind dependencies to 2.9.9.1

Resolved

Delete this link

HADOOP-16487 Update jackson-databind to 2.9.9.2

Resolved

Delete this link

relates to

HADOOP-16485 Remove dependency on jackson

Open

Delete this link

links to

CVE-2019-12814

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Siyao Meng

Reporter:: Wei-Chiu Chuang

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 23/Jul/19 12:31

Updated:: 10/Oct/19 06:43

Resolved:: 25/Jul/19 00:27

Agile

View on Board

Update jackson-databind to 2.9.9.1

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment