Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-16675

Upgrade jackson-databind to 2.9.10.1

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • None
    • 3.3.0, 3.2.2
    • security
    • None

    Description

      Several net new CVEs were raised against jackson-databind 2.9.10.

      CVE-2019-16942
      CVE-2019-16943

      2.9.10.1 is released, which I believe addresses these two CVEs.

      Attachments

        1. HADOOP-16675.001.patch
          0.9 kB
          Lisheng Sun

        Issue Links

        is related to

        Task - A task that needs to be done. HADOOP-16803 Upgrade jackson-databind to 2.9.10.2

        • Blocker - Blocks development and/or testing work, production could not run
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            leosun08 Lisheng Sun
            weichiu Wei-Chiu Chuang
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment