Skip to content

Commit

Permalink
ZOOKEEPER-4045: CVE-2020-25649 - Upgrade jackson databind to 2.10.5.1
Browse files Browse the repository at this point in the history 
Jackson reported a vulnerability under CVE-2020-25649. Upgrading to 2.10.5.1 will resolve the problem. See https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.10#micro-patches for more details.

Author: Edwin Hobor <[email protected]>

Reviewers: Mate Szalay-Beko <[email protected]>, Norbert Kalmar <[email protected]>

Closes apache#1572 from edwin092/ZOOKEEPER-4045

(cherry picked from commit 676d10b)
Signed-off-by: Norbert Kalmar <[email protected]>
  • Loading branch information
@nkalmar
Edwin Hobor authored and nkalmar committed Jan 6, 2021
1 parent eb348a1 commit 29315f8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -299,7 +299,7 @@
<commons-cli.version>1.2</commons-cli.version>
<jetty.version>9.4.35.v20201120</jetty.version>
<netty.version>4.1.50.Final</netty.version>
<jackson.version>2.10.3</jackson.version>
<jackson.version>2.10.5.1</jackson.version>
<json.version>1.1.1</json.version>
<jline.version>2.14.6</jline.version>
<snappy.version>1.1.7</snappy.version>
Expand Down

0 comments on commit 29315f8

Please sign in to comment.