Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16451

Update jackson-databind to 2.9.9.1

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.3.0, 3.2.2
    • None
    • None

    Description

      https://nvd.nist.gov/vuln/detail/CVE-2019-12814
      CVE-2019-12814 flags 2.9.9 as vulnerable. A new version 2.9.9.1 is available.

      Attachments

        1. HADOOP-16451.001.patch
          2 kB
          Siyao Meng
        2. HADOOP-16451.002.patch
          2 kB
          Siyao Meng

        Issue Links

          depends upon

          Task - A task that needs to be done. HADOOP-16365 Upgrade jackson-databind to 2.9.9

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. HBASE-22722 Upgrade jackson databind dependencies to 2.9.9.1

          • Blocker - Blocks development and/or testing work, production could not run
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-16487 Update jackson-databind to 2.9.9.2

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-16485 Remove dependency on jackson

          • Major - Major loss of function.
          • Open
          links to

          Web Link CVE-2019-12814

          Activity

            People

              smeng Siyao Meng
              weichiu Wei-Chiu Chuang
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: