You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "Martijn Visser (Jira)" <ji...@apache.org> on 2022/04/05 07:05:00 UTC

[jira] [Commented] (FLINK-26961) Update multiple Jackson dependencies to v2.13.2 and v2.13.2.1

    [ https://issues.apache.org/jira/browse/FLINK-26961?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17517261#comment-17517261 ] 

Martijn Visser commented on FLINK-26961:
----------------------------------------

master: 7303fdeef7079241b87b72a42b839efc4143abd0
release-1.15: 7c308e8073278c90f0768c59427e3c62cb7851f1
release-1.14: f7894eea0ba673d041b4c3bc50fb386690059cdf

> Update multiple Jackson dependencies to v2.13.2 and v2.13.2.1
> -------------------------------------------------------------
>
>                 Key: FLINK-26961
>                 URL: https://issues.apache.org/jira/browse/FLINK-26961
>             Project: Flink
>          Issue Type: Technical Debt
>          Components: Connectors / Common, Formats (JSON, Avro, Parquet, ORC, SequenceFile), Table SQL / Planner
>            Reporter: Sergey Nuyanzin
>            Assignee: Sergey Nuyanzin
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 1.15.0, 1.16.0, 1.14.5
>
>
> There is a High [CVE-2020-36518|https://nvd.nist.gov/vuln/detail/CVE-2020-36518], https://github.com/advisories/GHSA-57j2-w4cx-62h2
> which was fixed with 2.13.2.1



--
This message was sent by Atlassian Jira
(v8.20.1#820001)