Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-20071

Migrate to jackson 2.x and prevent usage

    XMLWordPrintableJSON

Details

    Description

      there are still some places where jackson 1.x is being used; even thru it's not even referenced from hive's pom.xml-s

      git grep -E 'import org.codehaus.jackson'|wc -l
106

      Attachments

        1. restrict_usage.patch
          2 kB
          Zoltan Haindrich

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. HIVE-24904 CVE-2019-10172,CVE-2019-10202 vulnerabilities in jackson-mapper-asl-1.9.13.jar

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-22059 hive-exec jar doesn't contain (fasterxml) jackson library

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #2464

          Activity

            People

              kgyrtkirk Zoltan Haindrich
              kgyrtkirk Zoltan Haindrich
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m