You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Martijn Visser (Jira)" <ji...@apache.org> on 2022/04/05 07:05:00 UTC
[jira] [Commented] (FLINK-26961) Update multiple Jackson dependencies to v2.13.2 and v2.13.2.1
[ https://issues.apache.org/jira/browse/FLINK-26961?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17517261#comment-17517261 ]
Martijn Visser commented on FLINK-26961:
----------------------------------------
master: 7303fdeef7079241b87b72a42b839efc4143abd0
release-1.15: 7c308e8073278c90f0768c59427e3c62cb7851f1
release-1.14: f7894eea0ba673d041b4c3bc50fb386690059cdf
> Update multiple Jackson dependencies to v2.13.2 and v2.13.2.1
> -------------------------------------------------------------
>
> Key: FLINK-26961
> URL: https://issues.apache.org/jira/browse/FLINK-26961
> Project: Flink
> Issue Type: Technical Debt
> Components: Connectors / Common, Formats (JSON, Avro, Parquet, ORC, SequenceFile), Table SQL / Planner
> Reporter: Sergey Nuyanzin
> Assignee: Sergey Nuyanzin
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.15.0, 1.16.0, 1.14.5
>
>
> There is a High [CVE-2020-36518|https://nvd.nist.gov/vuln/detail/CVE-2020-36518], https://github.com/advisories/GHSA-57j2-w4cx-62h2
> which was fixed with 2.13.2.1
--
This message was sent by Atlassian Jira
(v8.20.1#820001)