You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@linkis.apache.org by GitBox <gi...@apache.org> on 2022/07/29 05:18:03 UTC

[GitHub] [incubator-linkis] jackxu2011 commented on pull request #2538: Upgrade jackson-databind 2.13.2.1 to 2.13.2.2

jackxu2011 commented on PR #2538:
URL: https://github.com/apache/incubator-linkis/pull/2538#issuecomment-1198889455

   > > > > the hadoop has downgrade jackson to 2.12.7 to compatible with jsr311
   > > > 
   > > > 
   > > > jackson-databind 2.13.2.1 has high security vulnerability Does you mean that there will be incompatibility with jsr311 after the upgrade? Is there a related issue or an announcement
   > > 
   > > 
   > > 2.12.7 has no security vulnerability
   > 
   > Is it recommended to use jackson bom version of 2.12.7?
   
   yes see https://issues.apache.org/jira/browse/HADOOP-18332


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@linkis.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@linkis.apache.org
For additional commands, e-mail: notifications-help@linkis.apache.org