[jira] [Commented] (DRILL-8332) upgrade to jackson 2.13.4.20221012

ASF GitHub Bot (Jira) Thu, 13 Oct 2022 01:54:04 -0700


    [ 
https://issues.apache.org/jira/browse/DRILL-8332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17616884#comment-17616884
 ]


ASF GitHub Bot commented on DRILL-8332:
---------------------------------------

pjfanning opened a new pull request, #2674:
URL: https://github.com/apache/drill/pull/2674

   ## Description
   
   2 CVE fixes in this jackson release
   
   ## Documentation
   (Please describe user-visible changes similar to what should appear in the 
Drill documentation.)
   
   ## Testing
   (Please describe how this PR has been tested.)
   




> upgrade to jackson 2.13.4.20221012
> ----------------------------------
>
>                 Key: DRILL-8332
>                 URL: https://issues.apache.org/jira/browse/DRILL-8332
>             Project: Apache Drill
>          Issue Type: Improvement
>            Reporter: PJ Fanning
>            Priority: Major
>
> * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003]
>  * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004]
>  * both fixes have been backported (the CVEs themselves need to be updated to 
> reflect this)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (DRILL-8332) upgrade to jackson 2.13.4.20221012

Reply via email to