You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@avro.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/10/28 18:31:00 UTC
[jira] [Updated] (AVRO-3658) Bump jackson to address CVE-2020-36518
[ https://issues.apache.org/jira/browse/AVRO-3658?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated AVRO-3658:
---------------------------------
Labels: pull-request-available (was: )
> Bump jackson to address CVE-2020-36518
> --------------------------------------
>
> Key: AVRO-3658
> URL: https://issues.apache.org/jira/browse/AVRO-3658
> Project: Apache Avro
> Issue Type: Improvement
> Components: java
> Affects Versions: 1.11.1
> Reporter: Pavel Moskotin
> Priority: Major
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Current version of Jackson dependency for AVRO/Java
> {code:xml}
> <jackson-bom.version>2.12.7.20221012</jackson-bom.version>
> {code}
> bringsĀ CVE-2020-36518.
> This is covered by next versions, for example - in
> {code:xml}
> <jackson-bom.version>2.13.4</jackson-bom.version>
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)