You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@zookeeper.apache.org by nk...@apache.org on 2019/05/30 13:55:51 UTC

[zookeeper] branch branch-3.5 updated: ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE

This is an automated email from the ASF dual-hosted git repository.

nkalmar pushed a commit to branch branch-3.5
in repository https://gitbox.apache.org/repos/asf/zookeeper.git


The following commit(s) were added to refs/heads/branch-3.5 by this push:
     new 186c6db  ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE
186c6db is described below

commit 186c6db480f0a19b0df29cc61a369cb31cc6dfe6
Author: Patrick Hunt <ph...@apache.org>
AuthorDate: Thu May 30 15:53:35 2019 +0200

    ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE
    
    Upgraded the library to the latest version.
    
    Change-Id: I94743e7f7817202fff25c757730ba05fe0a9cc17
    
    Author: Patrick Hunt <ph...@apache.org>
    
    Reviewers: Enrico Olivelli <eo...@apache.org>, Norbert Kalmar <nk...@apache.org>
    
    Closes #962 from phunt/ZOOKEEPER-3405
    
    (cherry picked from commit ca4b12430ef579f67785146a195ebfed5ca73f39)
    Signed-off-by: Norbert Kalmar <nk...@apache.org>
---
 build.xml | 2 +-
 pom.xml   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/build.xml b/build.xml
index ad35fc3..ec7f6d7 100644
--- a/build.xml
+++ b/build.xml
@@ -55,7 +55,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
     <property name="javacc.version" value="5.0"/>
 
     <property name="jetty.version" value="9.4.15.v20190215"/>
-    <property name="jackson.version" value="2.9.8"/>
+    <property name="jackson.version" value="2.9.9"/>
     <property name="dependency-check-ant.version" value="4.0.2"/>
 
     <property name="commons-io.version" value="2.6"/>
diff --git a/pom.xml b/pom.xml
index 5dfbda4..206e869 100755
--- a/pom.xml
+++ b/pom.xml
@@ -278,7 +278,7 @@
     <hamcrest.version>1.3</hamcrest.version>
     <commons-cli.version>1.2</commons-cli.version>
     <jetty.version>9.4.17.v20190418</jetty.version>
-    <jackson.version>2.9.8</jackson.version>
+    <jackson.version>2.9.9</jackson.version>
     <netty.version>4.1.29.Final</netty.version>
     <json.version>1.1.1</json.version>
     <jline.version>2.11</jline.version>