[jira] [Created] (KYLIN-3372) Upgrade jackson-databind version due to security concerns

Ted Yu created KYLIN-3372:
-----------------------------

             Summary: Upgrade jackson-databind version due to security concerns
                 Key: KYLIN-3372
                 URL: https://issues.apache.org/jira/browse/KYLIN-3372
             Project: Kylin
          Issue Type: Task
            Reporter: Ted Yu




* https://nvd.nist.gov/vuln/detail/CVE-2018-5968
* https://nvd.nist.gov/vuln/detail/CVE-2018-7489
* https://nvd.nist.gov/vuln/detail/CVE-2017-7525
* https://nvd.nist.gov/vuln/detail/CVE-2017-17485
* https://nvd.nist.gov/vuln/detail/CVE-2017-15095

We should either remove the dependency or upgrade to version 2.8.11.1 or the 
latest, if possible.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KYLIN-3372) Upgrade jackson-databind version due to security concerns

Reply via email to