You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Tiago Alexandre Soares de Oliveira (Jira)" <ji...@apache.org> on 2021/06/07 13:30:00 UTC

[jira] [Commented] (NIFI-8061) Update Jackson Datablind Version

    [ https://issues.apache.org/jira/browse/NIFI-8061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17358599#comment-17358599 ] 

Tiago Alexandre Soares de Oliveira commented on NIFI-8061:
----------------------------------------------------------

Hi [~dborncamp] 

Any news on this issue?

> Update Jackson Datablind Version
> --------------------------------
>
>                 Key: NIFI-8061
>                 URL: https://issues.apache.org/jira/browse/NIFI-8061
>             Project: Apache NiFi
>          Issue Type: Improvement
>    Affects Versions: 1.11.0, 1.12.0, 1.11.1, 1.11.2, 1.11.3, 1.11.4, 1.13.0, 1.12.1
>            Reporter: David Borncamp
>            Priority: Major
>              Labels: dependancy, dependencies
>   Original Estimate: 4h
>  Remaining Estimate: 4h
>
> Upgrade {{com.fasterxml.jackson.core:jackson-databind}} in NiFi's maven poms to version 2.9.10.6. This resolves [CVE 2020-25649|http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649] [http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649] with this [issue fixed|https://issues.apache.org/jira/secure/[https://github.com/FasterXML/jackson-databind/issues/2826](https://github.com/FasterXML/jackson-databind/issues/2826] [https://github.com/FasterXML/jackson-databind/issues/2826] .



--
This message was sent by Atlassian Jira
(v8.3.4#803005)