Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-13901

Update jackson-databind to 2.10.0.pr1 for security vulnerabilities

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 8.3
    • Fix Version/s: None
    • Component/s: Build
    • Labels:
      None

      Description

      This is needed to resolve the following security vulnerabilities: [CVE-2019-14540|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540], [CVE-2019-16335|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16335], [CVE-2019-16942|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16942], [CVE-2019-16943|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16943], [CVE-2019-17267|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17267] and [CVE-2019-17531|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17531].

      If solr is not impacted by these vulnerabilities then go ahead and de-escalate this issue.  Thanks.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                charles.dumont@pnp-hcl.com Charles Dumont
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: