You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Brahma Reddy Battula (Jira)" <ji...@apache.org> on 2022/12/09 16:56:00 UTC

[jira] [Commented] (AMBARI-25785) upgrade jackson-databind to 2.12.7.1 to resolve CVEs

    [ https://issues.apache.org/jira/browse/AMBARI-25785?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17645397#comment-17645397 ] 

Brahma Reddy Battula commented on AMBARI-25785:
-----------------------------------------------

Committed to branch-2.7 and thanks [~ananysin] for your contribution. Can you please raise patch for trunk also.

> upgrade jackson-databind to 2.12.7.1 to resolve CVEs
> ----------------------------------------------------
>
>                 Key: AMBARI-25785
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25785
>             Project: Ambari
>          Issue Type: Story
>            Reporter: Ananya Singh
>            Assignee: Ananya Singh
>            Priority: Major
>             Fix For: 2.7.8
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> *[CVE-2020-25649|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25649]*
> *[CVE-2020-36518|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-36518]*  
> *[CVE-2022-42003|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42003]*
> *[CVE-2022-42004|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42004]*



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ambari.apache.org
For additional commands, e-mail: issues-help@ambari.apache.org