You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by zj...@apache.org on 2022/04/05 07:52:23 UTC
[zeppelin] branch master updated: [ZEPPELIN-5027] upgrade jackson to avoid cve
This is an automated email from the ASF dual-hosted git repository.
zjffdu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zeppelin.git
The following commit(s) were added to refs/heads/master by this push:
new 70c791bae4 [ZEPPELIN-5027] upgrade jackson to avoid cve
70c791bae4 is described below
commit 70c791bae4832a04442a3cdbaec98432f829949f
Author: PJ Fanning <pj...@users.noreply.github.com>
AuthorDate: Mon Mar 28 20:35:10 2022 +0200
[ZEPPELIN-5027] upgrade jackson to avoid cve
### What is this PR for?
[ZEPPELIN-5027] upgrade jackson to avoid cve
### What type of PR is it?
Bug Fix
### Todos
* [ ] - Task
### What is the Jira issue?
* https://issues.apache.org/jira/browse/ZEPPELIN/ZEPPELIN-5027
### How should this be tested?
* Strongly recommended: add automated unit tests for any new or changed behavior
* Outline any manual steps to test the PR here.
### Screenshots (if appropriate)
### Questions:
* Does the licenses files need update?
* Is there breaking changes for older versions?
* Does this needs documentation?
Author: PJ Fanning <pj...@users.noreply.github.com>
Closes #4333 from pjfanning/patch-3 and squashes the following commits:
201ca3515a [PJ Fanning] Update pom.xml
43cd25d732 [PJ Fanning] [ZEPPELIN-5027] upgrade jackson to avoid cve
---
ksql/pom.xml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ksql/pom.xml b/ksql/pom.xml
index 6d7ba3b053..e9c178fd0f 100644
--- a/ksql/pom.xml
+++ b/ksql/pom.xml
@@ -40,13 +40,13 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.10.3</version>
+ <version>2.10.5.1</version>
</dependency>
<dependency>
- <groupId>org.apache.commons</groupId>
+ <groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
- <version>1.3.2</version>
+ <version>2.11.0</version>
</dependency>
<dependency>