You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@arrow.apache.org by "Matt Darwin (JIRA)" <ji...@apache.org> on 2017/07/20 13:23:00 UTC
[jira] [Created] (ARROW-1242) security - upgrade Jackson to
mitigate 3 CVE vulnerabilities
Matt Darwin created ARROW-1242:
----------------------------------
Summary: security - upgrade Jackson to mitigate 3 CVE vulnerabilities
Key: ARROW-1242
URL: https://issues.apache.org/jira/browse/ARROW-1242
Project: Apache Arrow
Issue Type: Bug
Components: Java - Memory, Java - Vectors
Affects Versions: 0.4.1
Reporter: Matt Darwin
Fix For: 0.5.0
please consider upgrading jackson to mitigate its various vulnerabilities in 2.7.1:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson
see also
https://github.com/FasterXML/jackson-databind/issues/1599
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)