You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Julian Reschke (Jira)" <ji...@apache.org> on 2021/07/01 10:20:00 UTC
[jira] [Commented] (OAK-9479) oak-search-elastic: upgrade
jackson-databind to 2.10.5.1
[ https://issues.apache.org/jira/browse/OAK-9479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17372612#comment-17372612 ]
Julian Reschke commented on OAK-9479:
-------------------------------------
IMHO it would be simpler to update everything to 2.12.3
> oak-search-elastic: upgrade jackson-databind to 2.10.5.1
> --------------------------------------------------------
>
> Key: OAK-9479
> URL: https://issues.apache.org/jira/browse/OAK-9479
> Project: Jackrabbit Oak
> Issue Type: Task
> Components: elastic-search, search
> Reporter: Fabrizio Fortino
> Assignee: Fabrizio Fortino
> Priority: Major
> Fix For: 1.42.0
>
>
> The current version (2.10.3) is affected by this vulnerability https://nvd.nist.gov/vuln/detail/CVE-2020-25649
--
This message was sent by Atlassian Jira
(v8.3.4#803005)