[ https://issues.apache.org/jira/browse/DRILL-8332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17617079#comment-17617079 ]
ASF GitHub Bot commented on DRILL-8332: --------------------------------------- cgivre merged PR #2674: URL: https://github.com/apache/drill/pull/2674 > upgrade to jackson 2.13.4.20221012 > ---------------------------------- > > Key: DRILL-8332 > URL: https://issues.apache.org/jira/browse/DRILL-8332 > Project: Apache Drill > Issue Type: Improvement > Reporter: PJ Fanning > Priority: Major > > * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003] > * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004] > * both fixes have been backported (the CVEs themselves need to be updated to > reflect this) -- This message was sent by Atlassian Jira (v8.20.10#820010)