You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by nk...@apache.org on 2019/05/30 13:55:51 UTC
[zookeeper] branch branch-3.5 updated: ZOOKEEPER-3405: Upgrade the
version of Jackson-databind to address OWASP CVE
This is an automated email from the ASF dual-hosted git repository.
nkalmar pushed a commit to branch branch-3.5
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/branch-3.5 by this push:
new 186c6db ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE
186c6db is described below
commit 186c6db480f0a19b0df29cc61a369cb31cc6dfe6
Author: Patrick Hunt <ph...@apache.org>
AuthorDate: Thu May 30 15:53:35 2019 +0200
ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE
Upgraded the library to the latest version.
Change-Id: I94743e7f7817202fff25c757730ba05fe0a9cc17
Author: Patrick Hunt <ph...@apache.org>
Reviewers: Enrico Olivelli <eo...@apache.org>, Norbert Kalmar <nk...@apache.org>
Closes #962 from phunt/ZOOKEEPER-3405
(cherry picked from commit ca4b12430ef579f67785146a195ebfed5ca73f39)
Signed-off-by: Norbert Kalmar <nk...@apache.org>
---
build.xml | 2 +-
pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/build.xml b/build.xml
index ad35fc3..ec7f6d7 100644
--- a/build.xml
+++ b/build.xml
@@ -55,7 +55,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
<property name="javacc.version" value="5.0"/>
<property name="jetty.version" value="9.4.15.v20190215"/>
- <property name="jackson.version" value="2.9.8"/>
+ <property name="jackson.version" value="2.9.9"/>
<property name="dependency-check-ant.version" value="4.0.2"/>
<property name="commons-io.version" value="2.6"/>
diff --git a/pom.xml b/pom.xml
index 5dfbda4..206e869 100755
--- a/pom.xml
+++ b/pom.xml
@@ -278,7 +278,7 @@
<hamcrest.version>1.3</hamcrest.version>
<commons-cli.version>1.2</commons-cli.version>
<jetty.version>9.4.17.v20190418</jetty.version>
- <jackson.version>2.9.8</jackson.version>
+ <jackson.version>2.9.9</jackson.version>
<netty.version>4.1.29.Final</netty.version>
<json.version>1.1.1</json.version>
<jline.version>2.11</jline.version>