[ https://issues.apache.org/jira/browse/DRILL-8332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
PJ Fanning updated DRILL-8332: ------------------------------ Description: * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003] * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004] * both fixes have been backported (the CVEs themselves need to be updated to reflect this) There was a gradle module issue in 2.13.4.20221012 so upgrading to 2.13.4.20221013 was: * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003] * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004] * both fixes have been backported (the CVEs themselves need to be updated to reflect this) > upgrade to jackson 2.13.4.20221013 > ---------------------------------- > > Key: DRILL-8332 > URL: https://issues.apache.org/jira/browse/DRILL-8332 > Project: Apache Drill > Issue Type: Improvement > Reporter: PJ Fanning > Priority: Major > > * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003] > * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004] > * both fixes have been backported (the CVEs themselves need to be updated to > reflect this) > There was a gradle module issue in 2.13.4.20221012 so upgrading to > 2.13.4.20221013 -- This message was sent by Atlassian Jira (v8.20.10#820010)