You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flume.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/04/07 11:16:00 UTC

[jira] [Commented] (FLUME-3368) Update Jackson to 2.9.10

    [ https://issues.apache.org/jira/browse/FLUME-3368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17316233#comment-17316233 ] 

ASF subversion and git services commented on FLUME-3368:
--------------------------------------------------------

Commit 59ffd4f871171550e7b40d8193894549b97fe1f4 in flume's branch refs/heads/dependabot/maven/hive.version-3.1.2 from chi-chi weng
[ https://gitbox.apache.org/repos/asf?p=flume.git;h=59ffd4f ]

FLUME-3368 Update Jackson to 2.9.10

Jackson has a serious security problem in 2.9.7, which will cause RCE (#327)

https://github.com/FasterXML/jackson-databind/issues/2295

* Update pom.xml

> Update Jackson to 2.9.10
> ------------------------
>
>                 Key: FLUME-3368
>                 URL: https://issues.apache.org/jira/browse/FLUME-3368
>             Project: Flume
>          Issue Type: Improvement
>            Reporter: Tristan Stevens
>            Assignee: Tristan Stevens
>            Priority: Major
>
> Cross ref Jackson security problem: https://github.com/FasterXML/jackson-databind/issues/2295



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@flume.apache.org
For additional commands, e-mail: issues-help@flume.apache.org