You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@avro.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/10/28 18:31:00 UTC

[jira] [Updated] (AVRO-3658) Bump jackson to address CVE-2020-36518

     [ https://issues.apache.org/jira/browse/AVRO-3658?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated AVRO-3658:
---------------------------------
    Labels: pull-request-available  (was: )

> Bump jackson to address CVE-2020-36518
> --------------------------------------
>
>                 Key: AVRO-3658
>                 URL: https://issues.apache.org/jira/browse/AVRO-3658
>             Project: Apache Avro
>          Issue Type: Improvement
>          Components: java
>    Affects Versions: 1.11.1
>            Reporter: Pavel Moskotin
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Current version of Jackson dependency for AVRO/Java
> {code:xml}
> <jackson-bom.version>2.12.7.20221012</jackson-bom.version>
> {code}
> brings CVE-2020-36518.
> This is covered by next versions, for example - in 
> {code:xml}
> <jackson-bom.version>2.13.4</jackson-bom.version>
> {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)