You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Vanessa Haro (Jira)" <ji...@apache.org> on 2019/09/19 21:30:00 UTC
[jira] [Created] (CASSANDRA-15328) Bump jackson version to >=
2.9.9.3 to address security vulnerabilities
Vanessa Haro created CASSANDRA-15328:
----------------------------------------
Summary: Bump jackson version to >= 2.9.9.3 to address security vulnerabilities
Key: CASSANDRA-15328
URL: https://issues.apache.org/jira/browse/CASSANDRA-15328
Project: Cassandra
Issue Type: Improvement
Components: Build
Reporter: Vanessa Haro
Bump jackson version to >= 2.9.9.3 to address security vulnerabilities
|CVE-2019-12086 jackson-databind Medium https://nvd.nist.gov/vuln/detail/CVE-2019-12086 |
|CVE-2019-12384 jackson-databind Medium https://nvd.nist.gov/vuln/detail/CVE-2019-12384 |
|CVE-2019-12814 jackson-databind Medium https://nvd.nist.gov/vuln/detail/CVE-2019-12814 |
|CVE-2019-14439 jackson-databind High
[https://nvd.nist.gov/vuln/detail/CVE-2019-14439]|
Last jackson-databind bumped to 2.9.5 with CASSANDRA-14427
Jackson 2.9 release notes:
[https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org