You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by ma...@apache.org on 2022/01/22 06:51:19 UTC
[zookeeper] branch branch-3.5 updated: ZOOKEEPER-4429: Update jackson-databind to 2.13.1
This is an automated email from the ASF dual-hosted git repository.
maoling pushed a commit to branch branch-3.5
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/branch-3.5 by this push:
new f1084cd ZOOKEEPER-4429: Update jackson-databind to 2.13.1
f1084cd is described below
commit f1084cde2f977dd7dace7f77662b19ab494405b3
Author: Frederiko Costa <fr...@gmail.com>
AuthorDate: Sat Jan 22 14:51:09 2022 +0800
ZOOKEEPER-4429: Update jackson-databind to 2.13.1
This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated `PropertyNamingStrategy` class initialization issue #2715.
Author: Frederiko Costa <fr...@gmail.com>
Reviewers: Enrico Olivelli <eo...@apache.org>, Shoothzj <sh...@gmail.com>, maoling <ma...@apache.org>
Closes #1786 from frederiko/ZOOKEEPER-4429_update_jackson_databind
---
build.xml | 2 +-
pom.xml | 2 +-
.../main/java/org/apache/zookeeper/server/admin/JsonOutputter.java | 4 ++--
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/build.xml b/build.xml
index beb7744..7c887a3 100644
--- a/build.xml
+++ b/build.xml
@@ -55,7 +55,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant">
<property name="javacc.version" value="5.0"/>
<property name="jetty.version" value="9.4.43.v20210629"/>
- <property name="jackson.version" value="2.10.3"/>
+ <property name="jackson.version" value="2.13.1"/>
<property name="dependency-check-ant.version" value="5.2.4"/>
<property name="commons-io.version" value="2.6"/>
diff --git a/pom.xml b/pom.xml
index c6ddbd4..fe430cf 100755
--- a/pom.xml
+++ b/pom.xml
@@ -299,7 +299,7 @@
<commons-cli.version>1.2</commons-cli.version>
<jetty.version>9.4.43.v20210629</jetty.version>
<netty.version>4.1.70.Final</netty.version>
- <jackson.version>2.10.5.1</jackson.version>
+ <jackson.version>2.13.1</jackson.version>
<json.version>1.1.1</json.version>
<jline.version>2.14.6</jline.version>
<snappy.version>1.1.7</snappy.version>
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java
index 566444f..62e83c9 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java
@@ -21,7 +21,7 @@ package org.apache.zookeeper.server.admin;
import com.fasterxml.jackson.core.JsonGenerationException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.PropertyNamingStrategy;
+import com.fasterxml.jackson.databind.PropertyNamingStrategies;
import com.fasterxml.jackson.databind.SerializationFeature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -40,7 +40,7 @@ public class JsonOutputter implements CommandOutputter {
mapper = new ObjectMapper();
mapper.configure(SerializationFeature.WRITE_ENUMS_USING_TO_STRING, true);
mapper.configure(SerializationFeature.INDENT_OUTPUT, true);
- mapper.setPropertyNamingStrategy(PropertyNamingStrategy.SNAKE_CASE);
+ mapper.setPropertyNamingStrategy(PropertyNamingStrategies.SNAKE_CASE);
}
@Override