[HBASE-26732] Update jackson to 2.13.1 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: thirdparty-4.1.0
Component/s: security, thirdparty
Labels:
None

Hadoop Flags:

Reviewed
Release Note:

Hide
Upgrade jackson databind from 2.10.1 -> 2.13.1.

For addressing a possible Dos attack described in https://github.com/FasterXML/jackson-databind/issues/3328.

Show
Upgrade jackson databind from 2.10.1 -> 2.13.1. For addressing a possible Dos attack described in https://github.com/FasterXML/jackson-databind/issues/3328 .

Description

Update jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to https://github.com/FasterXML/jackson-databind/issues/3328 for further info.

Attachments

Issue Links

links to

GitHub Pull Request #74

GitHub Pull Request #4179

Activity

People

Assignee:: Andrew Kyle Purtell

Reporter:: Andrew Kyle Purtell

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 04/Feb/22 20:07

Updated:: 08/Mar/22 20:04

Resolved:: 08/Mar/22 20:04