Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16485 Remove dependency on jackson
  3. HADOOP-16905

Update jackson-databind to 2.10.3 to relieve us from the endless CVE patches

    XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.3.0
    • Component/s: None
    • Labels:
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      Jackson-databind 2.10 should relieve us from the endless CVE patches according to https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2

      Not sure if this is an easy update, but i think we should do this in the Hadoop 3.3.0 and before removing jackson-databind entirely.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weichiu Wei-Chiu Chuang
                Reporter:
                weichiu Wei-Chiu Chuang
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: