[jira] [Resolved] (PARQUET-2300) Update jackson-core 2.13.4 to a version without CVE PRISMA-2023-0067

Fokko Driesprong (Jira) Tue, 28 Nov 2023 14:27:09 -0800


     [ 
https://issues.apache.org/jira/browse/PARQUET-2300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Fokko Driesprong resolved PARQUET-2300.
---------------------------------------
      Assignee: Gang Wu
    Resolution: Fixed

> Update jackson-core 2.13.4 to a version without CVE PRISMA-2023-0067
> --------------------------------------------------------------------
>
>                 Key: PARQUET-2300
>                 URL: https://issues.apache.org/jira/browse/PARQUET-2300
>             Project: Parquet
>          Issue Type: Bug
>          Components: parquet-mr
>    Affects Versions: 1.13.0
>            Reporter: Gianluca Vagnoni
>            Assignee: Gang Wu
>            Priority: Major
>             Fix For: 1.14.0
>
>
> The library "{*}parquet-jackson{*}" version 1.13.0 and 1.13.1 contains the 
> vulnerability PRISMA-2023-0067 
> ([https://github.com/FasterXML/jackson-core/pull/827)] 
> ([https://github.com/IBM/ibm-cos-sdk-java/issues/58)]
> Please upgrade the shaded library to jackson-core version 2.15.0 to fix it.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (PARQUET-2300) Update jackson-core 2.13.4 to a version without CVE PRISMA-2023-0067

Reply via email to