This is an automated email from the ASF dual-hosted git repository. zjffdu pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/zeppelin.git
The following commit(s) were added to refs/heads/master by this push: new 70c791bae4 [ZEPPELIN-5027] upgrade jackson to avoid cve 70c791bae4 is described below commit 70c791bae4832a04442a3cdbaec98432f829949f Author: PJ Fanning <pjfann...@users.noreply.github.com> AuthorDate: Mon Mar 28 20:35:10 2022 +0200 [ZEPPELIN-5027] upgrade jackson to avoid cve ### What is this PR for? [ZEPPELIN-5027] upgrade jackson to avoid cve ### What type of PR is it? Bug Fix ### Todos * [ ] - Task ### What is the Jira issue? * https://issues.apache.org/jira/browse/ZEPPELIN/ZEPPELIN-5027 ### How should this be tested? * Strongly recommended: add automated unit tests for any new or changed behavior * Outline any manual steps to test the PR here. ### Screenshots (if appropriate) ### Questions: * Does the licenses files need update? * Is there breaking changes for older versions? * Does this needs documentation? Author: PJ Fanning <pjfann...@users.noreply.github.com> Closes #4333 from pjfanning/patch-3 and squashes the following commits: 201ca3515a [PJ Fanning] Update pom.xml 43cd25d732 [PJ Fanning] [ZEPPELIN-5027] upgrade jackson to avoid cve --- ksql/pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ksql/pom.xml b/ksql/pom.xml index 6d7ba3b053..e9c178fd0f 100644 --- a/ksql/pom.xml +++ b/ksql/pom.xml @@ -40,13 +40,13 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.10.3</version> + <version>2.10.5.1</version> </dependency> <dependency> - <groupId>org.apache.commons</groupId> + <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> - <version>1.3.2</version> + <version>2.11.0</version> </dependency> <dependency>