[ https://issues.apache.org/jira/browse/HBASE-23174?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16951835#comment-16951835 ]
Hudson commented on HBASE-23174: -------------------------------- Results for branch branch-1 [build #1107 on builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-1/1107/]: (/) *{color:green}+1 overall{color}* ---- details (if available): (/) {color:green}+1 general checks{color} -- For more information [see general report|https://builds.apache.org/job/HBase%20Nightly/job/branch-1/1107//General_Nightly_Build_Report/] (/) {color:green}+1 jdk7 checks{color} -- For more information [see jdk7 report|https://builds.apache.org/job/HBase%20Nightly/job/branch-1/1107//JDK7_Nightly_Build_Report/] (/) {color:green}+1 jdk8 hadoop2 checks{color} -- For more information [see jdk8 (hadoop2) report|https://builds.apache.org/job/HBase%20Nightly/job/branch-1/1107//JDK8_Nightly_Build_Report_(Hadoop2)/] (/) {color:green}+1 source release artifact{color} -- See build output for details. > Upgrade jackson and jackson-databind to 2.9.10 (branch-1) > --------------------------------------------------------- > > Key: HBASE-23174 > URL: https://issues.apache.org/jira/browse/HBASE-23174 > Project: HBase > Issue Type: Improvement > Components: dependencies, REST, security > Reporter: Andrew Kyle Purtell > Assignee: Andrew Kyle Purtell > Priority: Blocker > Fix For: 1.3.6, 1.4.11, 1.5.1 > > > Two more CVEs (CVE-2019-16335 and CVE-2019-14540) are addressed in > jackson-databind 2.9.10. -- This message was sent by Atlassian Jira (v8.3.4#803005)