[jira] [Commented] (SCB-509) Update jackson's version to 2.9.5

Fri, 20 Apr 2018 00:30:29 -0700 

    [ 
https://issues.apache.org/jira/browse/SCB-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16445433#comment-16445433
 ] 

ASF GitHub Bot commented on SCB-509:
------------------------------------

xuyiyun0929 closed pull request #664: [SCB-509] Update jackson's version to 
2.9.5
URL: https://github.com/apache/incubator-servicecomb-java-chassis/pull/664
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/java-chassis-dependencies/pom.xml 
b/java-chassis-dependencies/pom.xml
index 92a00478a..47e205824 100644
--- a/java-chassis-dependencies/pom.xml
+++ b/java-chassis-dependencies/pom.xml
@@ -31,7 +31,7 @@
   <packaging>pom</packaging>
 
   <properties>
-    <jackson.version>2.9.4</jackson.version>
+    <jackson.version>2.9.5</jackson.version>
     <vertx.version>3.5.0</vertx.version>
     <tec.zkclient.version>0.8</tec.zkclient.version>
     <spring.version>4.3.5.RELEASE</spring.version>
diff --git a/java-chassis-distribution/src/release/LICENSE 
b/java-chassis-distribution/src/release/LICENSE
index d4933ba15..225d9dcb5 100644
--- a/java-chassis-distribution/src/release/LICENSE
+++ b/java-chassis-distribution/src/release/LICENSE
@@ -349,13 +349,13 @@ Guava: Google Core Libraries for Java 
(http://code.google.com/p/guava-libraries/
 Hibernate Validator Engine 
(http://hibernate.org/validator/hibernate-validator) 
org.hibernate:hibernate-validator:jar:5.2.4.Final
 JBoss Logging 3 (http://www.jboss.org) 
org.jboss.logging:jboss-logging:jar:3.3.0.Final
 Jackson dataformat: CBOR 
(http://github.com/FasterXML/jackson-dataformats-binary) 
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:bundle:2.8.7
-Jackson dataformat: protobuf 
(http://github.com/FasterXML/jackson-dataformats-binary) 
com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf:bundle:2.9.2
+Jackson dataformat: protobuf 
(http://github.com/FasterXML/jackson-dataformats-binary) 
com.fasterxml.jackson.dataformat:jackson-dataformat-protobuf:bundle:2.9.5
 Jackson module: Afterburner 
(https://github.com/FasterXML/jackson-modules-base) 
com.fasterxml.jackson.module:jackson-module-afterburner:bundle:2.7.5
 Jackson module: JAXB-annotations 
(http://github.com/FasterXML/jackson-module-jaxb-annotations) 
com.fasterxml.jackson.module:jackson-module-jaxb-annotations:bundle:2.8.7
-Jackson-annotations (http://github.com/FasterXML/jackson) 
com.fasterxml.jackson.core:jackson-annotations:bundle:2.9.2
-Jackson-core (https://github.com/FasterXML/jackson-core) 
com.fasterxml.jackson.core:jackson-core:bundle:2.9.2
-Jackson-dataformat-XML 
(http://wiki.fasterxml.com/JacksonExtensionXmlDataBinding) 
com.fasterxml.jackson.dataformat:jackson-dataformat-xml:bundle:2.9.2
-Jackson-dataformat-YAML 
(https://github.com/FasterXML/jackson-dataformats-text) 
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:bundle:2.9.2
+Jackson-annotations (http://github.com/FasterXML/jackson) 
com.fasterxml.jackson.core:jackson-annotations:bundle:2.9.5
+Jackson-core (https://github.com/FasterXML/jackson-core) 
com.fasterxml.jackson.core:jackson-core:bundle:2.9.5
+Jackson-dataformat-XML 
(http://wiki.fasterxml.com/JacksonExtensionXmlDataBinding) 
com.fasterxml.jackson.dataformat:jackson-dataformat-xml:bundle:2.9.5
+Jackson-dataformat-YAML 
(https://github.com/FasterXML/jackson-dataformats-text) 
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:bundle:2.9.5
 Javassist (http://www.javassist.org/) org.javassist:javassist:bundle:3.18.1-GA
 Log4j Implemented Over SLF4J (http://www.slf4j.org) 
org.slf4j:log4j-over-slf4j:jar:1.7.7
 Netty/Buffer (http://netty.io/netty-buffer/) 
io.netty:netty-buffer:jar:4.1.17.Final


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Update jackson's version to 2.9.5
> ---------------------------------
>
>                 Key: SCB-509
>                 URL: https://issues.apache.org/jira/browse/SCB-509
>             Project: Apache ServiceComb
>          Issue Type: Task
>          Components: Java-Chassis
>            Reporter: xuyiyun
>            Assignee: xuyiyun
>            Priority: Major
>
> [https://nvd.nist.gov/vuln/detail/CVE-2018-7489]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to