You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by jo...@apache.org on 2019/08/13 15:35:24 UTC
[ambari] branch branch-2.7 updated: AMBARI-25352 : Upgrade
fasterxml jackson dependency due to CVE-2019-14379 (#3066)
This is an automated email from the ASF dual-hosted git repository.
jonathanhurley pushed a commit to branch branch-2.7
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/branch-2.7 by this push:
new 107125f AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379 (#3066)
107125f is described below
commit 107125f84228f248ea13db85297f3a13e4ccfb72
Author: Viraj Jasani <vi...@gmail.com>
AuthorDate: Tue Aug 13 21:05:15 2019 +0530
AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379 (#3066)
---
ambari-infra/pom.xml | 6 +++---
.../ambari-logsearch-logfeeder-container-registry/pom.xml | 4 ++--
ambari-logsearch/pom.xml | 6 +++---
ambari-metrics/pom.xml | 5 +++--
ambari-project/pom.xml | 5 +++--
5 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/ambari-infra/pom.xml b/ambari-infra/pom.xml
index b95ae4e..8d8266b 100644
--- a/ambari-infra/pom.xml
+++ b/ambari-infra/pom.xml
@@ -343,17 +343,17 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9.3</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-xml</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.woodstox</groupId>
diff --git a/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml b/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml
index e09fd93..3d60003 100644
--- a/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml
+++ b/ambari-logsearch/ambari-logsearch-logfeeder-container-registry/pom.xml
@@ -46,12 +46,12 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9.3</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9</version>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
diff --git a/ambari-logsearch/pom.xml b/ambari-logsearch/pom.xml
index 82655fb..e693380 100644
--- a/ambari-logsearch/pom.xml
+++ b/ambari-logsearch/pom.xml
@@ -326,17 +326,17 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9.3</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
<artifactId>jackson-dataformat-xml</artifactId>
- <version>2.9.8</version>
+ <version>2.9.9</version>
<exclusions>
<exclusion>
<groupId>com.fasterxml.woodstox</groupId>
diff --git a/ambari-metrics/pom.xml b/ambari-metrics/pom.xml
index 06920f6..0090d2c 100644
--- a/ambari-metrics/pom.xml
+++ b/ambari-metrics/pom.xml
@@ -56,7 +56,8 @@
<distMgmtStagingId>apache.staging.https</distMgmtStagingId>
<distMgmtStagingName>Apache Release Distribution Repository</distMgmtStagingName>
<distMgmtStagingUrl>https://repository.apache.org/service/local/staging/deploy/maven2</distMgmtStagingUrl>
- <fasterxml.jackson.version>2.9.8</fasterxml.jackson.version>
+ <fasterxml.jackson.version>2.9.9</fasterxml.jackson.version>
+ <fasterxml.jackson.databind.version>2.9.9.3</fasterxml.jackson.databind.version>
</properties>
<distributionManagement>
<repository>
@@ -97,7 +98,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>${fasterxml.jackson.version}</version>
+ <version>${fasterxml.jackson.databind.version}</version>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
diff --git a/ambari-project/pom.xml b/ambari-project/pom.xml
index 9926d08..566a160 100644
--- a/ambari-project/pom.xml
+++ b/ambari-project/pom.xml
@@ -39,7 +39,8 @@
<guice.version>4.1.0</guice.version>
<spring.version>5.1.8.RELEASE</spring.version>
<spring.security.version>5.1.5.RELEASE</spring.security.version>
- <fasterxml.jackson.version>2.9.8</fasterxml.jackson.version>
+ <fasterxml.jackson.version>2.9.9</fasterxml.jackson.version>
+ <fasterxml.jackson.databind.version>2.9.9.3</fasterxml.jackson.databind.version>
<postgres.version>42.2.2</postgres.version>
<forkCount>4</forkCount>
<reuseForks>false</reuseForks>
@@ -648,7 +649,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>${fasterxml.jackson.version}</version>
+ <version>${fasterxml.jackson.databind.version}</version>
</dependency>
<dependency>
<groupId>org.apache.zookeeper</groupId>