You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@zookeeper.apache.org by eo...@apache.org on 2023/01/23 08:34:03 UTC

[zookeeper] 02/02: [ZOOKEEPER-4661] Upgrade Jackson Databind to 2.13.4.2 for CVE-2022-42003 CVE-2022-42004 (#1972)

This is an automated email from the ASF dual-hosted git repository.

eolivelli pushed a commit to branch branch-3.8
in repository https://gitbox.apache.org/repos/asf/zookeeper.git

commit 10f04f15c857a54ada3debe070fc3bbb86f3693c
Author: Enrico Olivelli <eo...@apache.org>
AuthorDate: Mon Jan 23 09:33:19 2023 +0100

    [ZOOKEEPER-4661] Upgrade Jackson Databind to 2.13.4.2 for CVE-2022-42003 CVE-2022-42004 (#1972)
    
    (cherry picked from commit 3e7f551bb9372c87930a4490c8572d976dba976f)
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index d2dedc685..192a91350 100644
--- a/pom.xml
+++ b/pom.xml
@@ -469,7 +469,7 @@
     <commons-cli.version>1.5.0</commons-cli.version>
     <netty.version>4.1.86.Final</netty.version>
     <jetty.version>9.4.49.v20220914</jetty.version>
-    <jackson.version>2.13.2.1</jackson.version>
+    <jackson.version>2.13.4.2</jackson.version>
     <jline.version>2.14.6</jline.version>
     <snappy.version>1.1.7.7</snappy.version>
     <kerby.version>2.0.0</kerby.version>