You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@flume.apache.org by tr...@apache.org on 2022/03/28 06:12:58 UTC

[flume] branch trunk updated: FLUME-3414: upgrade jackson due to cve (#357)

This is an automated email from the ASF dual-hosted git repository.

tristan pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/flume.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 46e816a  FLUME-3414: upgrade jackson due to cve (#357)
46e816a is described below

commit 46e816aadd2a3796428c9393483384a90ea249e6
Author: PJ Fanning <pj...@users.noreply.github.com>
AuthorDate: Mon Mar 28 08:12:48 2022 +0200

    FLUME-3414: upgrade jackson due to cve (#357)
---
 pom.xml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 9c47c25..84dcb22 100644
--- a/pom.xml
+++ b/pom.xml
@@ -63,7 +63,8 @@ limitations under the License.
     <derby.version>10.14.1.0</derby.version>
     <dropwizard-metrics.version>4.1.18</dropwizard-metrics.version>
     <elasticsearch.version>0.90.1</elasticsearch.version>
-    <fasterxml.jackson.version>2.13.1</fasterxml.jackson.version>
+    <fasterxml.jackson.version>2.13.2</fasterxml.jackson.version>
+    <fasterxml.jackson.databind.version>2.13.2.1</fasterxml.jackson.databind.version>
     <fest-reflect.version>1.4</fest-reflect.version>
     <geronimo-jms.version>1.1.1</geronimo-jms.version>
     <gson.version>2.2.2</gson.version>
@@ -988,7 +989,7 @@ limitations under the License.
       <dependency>
         <groupId>com.fasterxml.jackson.core</groupId>
         <artifactId>jackson-databind</artifactId>
-        <version>${fasterxml.jackson.version}</version>
+        <version>${fasterxml.jackson.databind.version}</version>
       </dependency>
 
       <dependency>