You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by nk...@apache.org on 2021/01/06 18:50:17 UTC
[zookeeper] branch master updated: ZOOKEEPER-4045: CVE-2020-25649 -
Upgrade jackson databind to 2.10.5.1
This is an automated email from the ASF dual-hosted git repository.
nkalmar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/master by this push:
new 676d10b ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1
676d10b is described below
commit 676d10b2fad97c69e4083619cb1db223ed1896a4
Author: Edwin Hobor <ed...@microfocus.com>
AuthorDate: Wed Jan 6 19:50:08 2021 +0100
ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1
Jackson reported a vulnerability under CVE-2020-25649. Upgrading to 2.10.5.1 will resolve the problem. See https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10#micro-patches for more details.
Author: Edwin Hobor <ed...@microfocus.com>
Reviewers: Mate Szalay-Beko <sy...@apache.org>, Norbert Kalmar <nk...@apache.org>
Closes #1572 from edwin092/ZOOKEEPER-4045
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 837dcef..1c485d9 100755
--- a/pom.xml
+++ b/pom.xml
@@ -439,7 +439,7 @@
<commons-cli.version>1.4</commons-cli.version>
<netty.version>4.1.50.Final</netty.version>
<jetty.version>9.4.35.v20201120</jetty.version>
- <jackson.version>2.10.5</jackson.version>
+ <jackson.version>2.10.5.1</jackson.version>
<jline.version>2.14.6</jline.version>
<snappy.version>1.1.7.7</snappy.version>
<kerby.version>2.0.0</kerby.version>