[jira] [Assigned] (CURATOR-481) Remove jackson-mapper-asl-version and update to latest version of jackson

Jordan Zimmerman (JIRA) Sun, 03 Mar 2019 11:16:03 -0800


     [ 
https://issues.apache.org/jira/browse/CURATOR-481?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jordan Zimmerman reassigned CURATOR-481:
----------------------------------------

         Assignee: Jordan Zimmerman
    Fix Version/s:     (was: TBD)
                   4.2.0

> Remove jackson-mapper-asl-version and update to latest version of jackson
> -------------------------------------------------------------------------
>
>                 Key: CURATOR-481
>                 URL: https://issues.apache.org/jira/browse/CURATOR-481
>             Project: Apache Curator
>          Issue Type: Bug
>          Components: General
>    Affects Versions: 2.3.0
>            Reporter: Maxim Pudov
>            Assignee: Jordan Zimmerman
>            Priority: Major
>             Fix For: 4.2.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> There is a vulnerability issue in jackson-mapper-asl-version 1.9.13 and it is 
> no longer supported. The same issue was present in jackson-databind till 
> version 2.7.9.1.
> [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525]
> We already have a dependency on jackson 2.x. Let's replace jackson-mapper-asl 
> with jackson-databind and update jackson to the latest version.
>  
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Assigned] (CURATOR-481) Remove jackson-mapper-asl-version and update to latest version of jackson

Reply via email to