You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@zeppelin.apache.org by zj...@apache.org on 2022/04/05 07:52:23 UTC

[zeppelin] branch master updated: [ZEPPELIN-5027] upgrade jackson to avoid cve

This is an automated email from the ASF dual-hosted git repository.

zjffdu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zeppelin.git


The following commit(s) were added to refs/heads/master by this push:
     new 70c791bae4 [ZEPPELIN-5027] upgrade jackson to avoid cve
70c791bae4 is described below

commit 70c791bae4832a04442a3cdbaec98432f829949f
Author: PJ Fanning <pj...@users.noreply.github.com>
AuthorDate: Mon Mar 28 20:35:10 2022 +0200

    [ZEPPELIN-5027] upgrade jackson to avoid cve
    
    ### What is this PR for?
    
    [ZEPPELIN-5027] upgrade jackson to avoid cve
    
    ### What type of PR is it?
    Bug Fix
    
    ### Todos
    * [ ] - Task
    
    ### What is the Jira issue?
    * https://issues.apache.org/jira/browse/ZEPPELIN/ZEPPELIN-5027
    
    ### How should this be tested?
    * Strongly recommended: add automated unit tests for any new or changed behavior
    * Outline any manual steps to test the PR here.
    
    ### Screenshots (if appropriate)
    
    ### Questions:
    * Does the licenses files need update?
    * Is there breaking changes for older versions?
    * Does this needs documentation?
    
    Author: PJ Fanning <pj...@users.noreply.github.com>
    
    Closes #4333 from pjfanning/patch-3 and squashes the following commits:
    
    201ca3515a [PJ Fanning] Update pom.xml
    43cd25d732 [PJ Fanning] [ZEPPELIN-5027] upgrade jackson to avoid cve
---
 ksql/pom.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ksql/pom.xml b/ksql/pom.xml
index 6d7ba3b053..e9c178fd0f 100644
--- a/ksql/pom.xml
+++ b/ksql/pom.xml
@@ -40,13 +40,13 @@
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-databind</artifactId>
-      <version>2.10.3</version>
+      <version>2.10.5.1</version>
     </dependency>
 
     <dependency>
-      <groupId>org.apache.commons</groupId>
+      <groupId>commons-io</groupId>
       <artifactId>commons-io</artifactId>
-      <version>1.3.2</version>
+      <version>2.11.0</version>
     </dependency>
 
     <dependency>