You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Brahma Reddy Battula (Jira)" <ji...@apache.org> on 2022/12/09 16:56:00 UTC
[jira] [Commented] (AMBARI-25785) upgrade jackson-databind to 2.12.7.1 to resolve CVEs
[ https://issues.apache.org/jira/browse/AMBARI-25785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17645397#comment-17645397 ]
Brahma Reddy Battula commented on AMBARI-25785:
-----------------------------------------------
Committed to branch-2.7 and thanks [~ananysin] for your contribution. Can you please raise patch for trunk also.
> upgrade jackson-databind to 2.12.7.1 to resolve CVEs
> ----------------------------------------------------
>
> Key: AMBARI-25785
> URL: https://issues.apache.org/jira/browse/AMBARI-25785
> Project: Ambari
> Issue Type: Story
> Reporter: Ananya Singh
> Assignee: Ananya Singh
> Priority: Major
> Fix For: 2.7.8
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> *[CVE-2020-25649|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25649]*
> *[CVE-2020-36518|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-36518]*
> *[CVE-2022-42003|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42003]*
> *[CVE-2022-42004|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42004]*
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ambari.apache.org
For additional commands, e-mail: issues-help@ambari.apache.org