You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by nk...@apache.org on 2019/05/30 13:53:43 UTC
[zookeeper] branch master updated: ZOOKEEPER-3405: Upgrade the
version of Jackson-databind to address OWASP CVE
This is an automated email from the ASF dual-hosted git repository.
nkalmar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/master by this push:
new ca4b124 ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE
ca4b124 is described below
commit ca4b12430ef579f67785146a195ebfed5ca73f39
Author: Patrick Hunt <ph...@apache.org>
AuthorDate: Thu May 30 15:53:35 2019 +0200
ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP CVE
Upgraded the library to the latest version.
Change-Id: I94743e7f7817202fff25c757730ba05fe0a9cc17
Author: Patrick Hunt <ph...@apache.org>
Reviewers: Enrico Olivelli <eo...@apache.org>, Norbert Kalmar <nk...@apache.org>
Closes #962 from phunt/ZOOKEEPER-3405
---
build.xml | 2 +-
pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/build.xml b/build.xml
index 3ba2079..3ae8cb4 100644
--- a/build.xml
+++ b/build.xml
@@ -55,7 +55,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
<property name="javacc.version" value="5.0"/>
<property name="jetty.version" value="9.4.15.v20190215"/>
- <property name="jackson.version" value="2.9.8"/>
+ <property name="jackson.version" value="2.9.9"/>
<property name="dependency-check-ant.version" value="4.0.2"/>
<property name="commons-io.version" value="2.6"/>
diff --git a/pom.xml b/pom.xml
index dbd7d81..621cd94 100755
--- a/pom.xml
+++ b/pom.xml
@@ -279,7 +279,7 @@
<commons-cli.version>1.2</commons-cli.version>
<netty.version>4.1.29.Final</netty.version>
<jetty.version>9.4.17.v20190418</jetty.version>
- <jackson.version>2.9.8</jackson.version>
+ <jackson.version>2.9.9</jackson.version>
<json.version>1.1.1</json.version>
<jline.version>2.11</jline.version>
<snappy.version>1.1.7</snappy.version>