This is an automated email from the ASF dual-hosted git repository.
hulee pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/helix.git
The following commit(s) were added to refs/heads/master by this push:
new b942d3bae upgrade jackson to 2.12.6.1 due to cve (#2043)
b942d3bae is described below
commit b942d3bae9f3c822f9b0efad1d2abd2deebd67d9
Author: PJ Fanning <[email protected]>
AuthorDate: Tue Apr 19 20:21:11 2022 +0200
upgrade jackson to 2.12.6.1 due to cve (#2043)
---
.../helix-admin-webapp-1.0.3-SNAPSHOT.ivy | 4 ++--
helix-admin-webapp/pom.xml | 4 ++--
helix-common/helix-common-1.0.3-SNAPSHOT.ivy | 4 ++--
helix-core/helix-core-1.0.3-SNAPSHOT.ivy | 4 ++--
helix-core/pom.xml | 4 ++--
.../integration-test/script/driver_cmd_dict.py | 20 ++++++++++----------
helix-rest/helix-rest-1.0.3-SNAPSHOT.ivy | 4 ++--
helix-rest/pom.xml | 4 ++--
helix-view-aggregator/pom.xml | 4 ++--
...etadata-store-directory-common-1.0.3-SNAPSHOT.ivy | 2 +-
zookeeper-api/pom.xml | 2 +-
zookeeper-api/zookeeper-api-1.0.3-SNAPSHOT.ivy | 5 ++---
12 files changed, 30 insertions(+), 31 deletions(-)
diff --git a/helix-admin-webapp/helix-admin-webapp-1.0.3-SNAPSHOT.ivy
b/helix-admin-webapp/helix-admin-webapp-1.0.3-SNAPSHOT.ivy
index 5b3cd5df3..32884cd0f 100644
--- a/helix-admin-webapp/helix-admin-webapp-1.0.3-SNAPSHOT.ivy
+++ b/helix-admin-webapp/helix-admin-webapp-1.0.3-SNAPSHOT.ivy
@@ -45,8 +45,8 @@ under the License.
</dependency>
<dependency org="org.apache.helix" name="helix-core"
rev="1.0.3-SNAPSHOT" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="org.restlet.jse" name="org.restlet"
rev="2.2.1" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.12.6.1" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.12.6" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="commons-cli" name="commons-cli" rev="1.2"
force="true" conf="compile->compile(*),master(*);runtime->runtime(*)"/>
</dependencies>
</ivy-module>
diff --git a/helix-admin-webapp/pom.xml b/helix-admin-webapp/pom.xml
index 2c518f561..c0fab55b1 100644
--- a/helix-admin-webapp/pom.xml
+++ b/helix-admin-webapp/pom.xml
@@ -82,12 +82,12 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6</version>
</dependency>
<dependency>
<groupId>commons-cli</groupId>
diff --git a/helix-common/helix-common-1.0.3-SNAPSHOT.ivy
b/helix-common/helix-common-1.0.3-SNAPSHOT.ivy
index 9474509ab..ba7bac820 100644
--- a/helix-common/helix-common-1.0.3-SNAPSHOT.ivy
+++ b/helix-common/helix-common-1.0.3-SNAPSHOT.ivy
@@ -44,8 +44,8 @@ under the License.
<artifact name="log4j-slf4j-impl" ext="jar"/>
</dependency>
<dependency org="org.yaml" name="snakeyaml" rev="1.30"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.12.6.1" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.12.6" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="commons-cli" name="commons-cli" rev="1.2"
force="true" conf="compile->compile(*),master(*);runtime->runtime(*)"/>
</dependencies>
</ivy-module>
diff --git a/helix-core/helix-core-1.0.3-SNAPSHOT.ivy
b/helix-core/helix-core-1.0.3-SNAPSHOT.ivy
index 580932513..d06f3c1f5 100755
--- a/helix-core/helix-core-1.0.3-SNAPSHOT.ivy
+++ b/helix-core/helix-core-1.0.3-SNAPSHOT.ivy
@@ -53,8 +53,8 @@ under the License.
<artifact name="log4j-slf4j-impl" ext="jar"/>
</dependency>
<dependency org="org.apache.zookeeper" name="zookeeper" rev="3.4.13"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.11.0"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
- <dependency org="com.fasterxml.jackson.core" name="jackson-core"
rev="2.11.0"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.12.6.1"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
+ <dependency org="com.fasterxml.jackson.core" name="jackson-core"
rev="2.12.6"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
<dependency org="commons-io" name="commons-io" rev="2.11.0"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
<dependency org="commons-cli" name="commons-cli" rev="1.2"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
<dependency org="commons-math" name="commons-math" rev="2.1"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
diff --git a/helix-core/pom.xml b/helix-core/pom.xml
index 28ddb02b9..9678dd32e 100755
--- a/helix-core/pom.xml
+++ b/helix-core/pom.xml
@@ -73,12 +73,12 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
diff --git
a/helix-core/src/main/scripts/integration-test/script/driver_cmd_dict.py
b/helix-core/src/main/scripts/integration-test/script/driver_cmd_dict.py
index 2bf98ef6d..1297a89a9 100644
--- a/helix-core/src/main/scripts/integration-test/script/driver_cmd_dict.py
+++ b/helix-core/src/main/scripts/integration-test/script/driver_cmd_dict.py
@@ -144,8 +144,8 @@ cmd_direct_call={
,"IVY_DIR/jdom/jdom/1.0/jdom-1.0.jar"
,"IVY_DIR/log4j/log4j/2.17.1/log4j-2.17.1.jar"
,"IVY_DIR/org/apache/zookeeper/zookeeper/3.3.3/zookeeper-3.3.3.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.11.0/jackson-databind-2.11.0.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.11.0/jackson-core-2.11.0.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.12.6.1/jackson-databind-2.12.6.1.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.12.6/jackson-core-2.12.6.jar"
,"IVY_DIR/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar"
,"IVY_DIR/org/restlet/org.restlet/1.1.10/org.restlet-1.1.10.jar"
,"IVY_DIR/com/noelios/restlet/com.noelios.restlet/1.1.10/com.noelios.restlet-1.1.10.jar"
@@ -164,8 +164,8 @@ cmd_direct_call={
,"IVY_DIR/jdom/jdom/1.0/jdom-1.0.jar"
,"IVY_DIR/log4j/log4j/2.17.1/log4j-2.17.1.jar"
,"IVY_DIR/org/apache/zookeeper/zookeeper/3.3.3/zookeeper-3.3.3.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.11.0/jackson-databind-2.11.0.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.11.0/jackson-core-2.11.0.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.12.6.1/jackson-databind-2.12.6.1.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.12.6/jackson-core-2.12.6.jar"
,"IVY_DIR/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar"
,"IVY_DIR/com/github/sgroschupf/zkclient/0.1/zkclient-0.1.jar"
,"IVY_DIR/org/apache/commons/commons-math/2.1/commons-math-2.1.jar"
@@ -185,8 +185,8 @@ cmd_direct_call={
,"IVY_DIR/jdom/jdom/1.0/jdom-1.0.jar"
,"IVY_DIR/log4j/log4j/2.17.1/log4j-2.17.1.jar"
,"IVY_DIR/org/apache/zookeeper/zookeeper/3.3.3/zookeeper-3.3.3.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.11.0/jackson-databind-2.11.0.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.11.0/jackson-core-2.11.0.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.12.6.1/jackson-databind-2.12.6.1.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.12.6/jackson-core-2.12.6.jar"
,"IVY_DIR/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar"
,"IVY_DIR/com/github/sgroschupf/zkclient/0.1/zkclient-0.1.jar"
,"IVY_DIR/org/apache/commons/commons-math/2.1/commons-math-2.1.jar"
@@ -208,8 +208,8 @@ cmd_direct_call={
,"IVY_DIR/jdom/jdom/1.0/jdom-1.0.jar"
,"IVY_DIR/log4j/log4j/2.17.1/log4j-2.17.1.jar"
,"IVY_DIR/org/apache/zookeeper/zookeeper/3.3.3/zookeeper-3.3.3.jar"
-
,"IVY_DIR/org/com/fasterxml/jackson/core/jackson-databind/2.11.0/jackson-databind-2.11.0.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.11.0/jackson-core-2.11.0.jar"
+
,"IVY_DIR/org/com/fasterxml/jackson/core/jackson-databind/2.12.6.1/jackson-databind-2.12.6.1.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.12.6/jackson-core-2.12.6.jar"
,"IVY_DIR/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar"
,"IVY_DIR/com/github/sgroschupf/zkclient/0.1/zkclient-0.1.jar"
,"IVY_DIR/org/apache/commons/commons-math/2.1/commons-math-2.1.jar"
@@ -231,8 +231,8 @@ cmd_direct_call={
,"IVY_DIR/jdom/jdom/1.0/jdom-1.0.jar"
,"IVY_DIR/log4j/log4j/2.17.1/log4j-2.17.1.jar"
,"IVY_DIR/org/apache/zookeeper/zookeeper/3.3.3/zookeeper-3.3.3.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.11.0/jackson-databind-2.11.0.jar"
-
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.11.0/jackson-core-2.11.0.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-databind/2.12.6.1/jackson-databind-2.12.6.1.jar"
+
,"IVY_DIR/com/fasterxml/jackson/core/jackson-core/2.12.6/jackson-core-2.12.6.jar"
,"IVY_DIR/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar"
,"IVY_DIR/org/restlet/org.restlet/1.1.10/org.restlet-1.1.10.jar"
,"IVY_DIR/com/noelios/restlet/com.noelios.restlet/1.1.10/com.noelios.restlet-1.1.10.jar"
diff --git a/helix-rest/helix-rest-1.0.3-SNAPSHOT.ivy
b/helix-rest/helix-rest-1.0.3-SNAPSHOT.ivy
index 31fe42626..0d738c1f9 100644
--- a/helix-rest/helix-rest-1.0.3-SNAPSHOT.ivy
+++ b/helix-rest/helix-rest-1.0.3-SNAPSHOT.ivy
@@ -47,8 +47,8 @@ under the License.
<artifact name="snakeyaml" m:classifier="sources" ext="jar"/>
</dependency>
<dependency org="org.apache.helix" name="helix-core"
rev="1.0.3-SNAPSHOT" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.12.6.1" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.12.6" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="commons-cli" name="commons-cli" rev="1.2"
force="true" conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="io.dropwizard.metrics" name="metrics-jersey2"
rev="4.1.14" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="io.dropwizard.metrics" name="metrics-jmx"
rev="4.1.14" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
diff --git a/helix-rest/pom.xml b/helix-rest/pom.xml
index 99d4694c7..10ae288e6 100644
--- a/helix-rest/pom.xml
+++ b/helix-rest/pom.xml
@@ -122,12 +122,12 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6</version>
</dependency>
<dependency>
<groupId>commons-cli</groupId>
diff --git a/helix-view-aggregator/pom.xml b/helix-view-aggregator/pom.xml
index f914c61d6..7927a31e0 100644
--- a/helix-view-aggregator/pom.xml
+++ b/helix-view-aggregator/pom.xml
@@ -66,12 +66,12 @@ under the License.
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6</version>
</dependency>
<dependency>
<groupId>commons-cli</groupId>
diff --git
a/metadata-store-directory-common/metadata-store-directory-common-1.0.3-SNAPSHOT.ivy
b/metadata-store-directory-common/metadata-store-directory-common-1.0.3-SNAPSHOT.ivy
index 43d102ae3..8a8c687a7 100644
---
a/metadata-store-directory-common/metadata-store-directory-common-1.0.3-SNAPSHOT.ivy
+++
b/metadata-store-directory-common/metadata-store-directory-common-1.0.3-SNAPSHOT.ivy
@@ -47,7 +47,7 @@ under the License.
<artifact name="snakeyaml" m:classifier="sources" ext="jar"/>
</dependency>
<dependency org="org.apache.helix" name="helix-core"
rev="1.0.3-SNAPSHOT" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.12.6.1" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="commons-cli" name="commons-cli" rev="1.2"
force="true" conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="commons-io" name="commons-io" rev="2.11.0"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
</dependencies>
diff --git a/zookeeper-api/pom.xml b/zookeeper-api/pom.xml
index 8e68c5d26..e0a852d13 100644
--- a/zookeeper-api/pom.xml
+++ b/zookeeper-api/pom.xml
@@ -75,7 +75,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.11.0</version>
+ <version>2.12.6.1</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
diff --git a/zookeeper-api/zookeeper-api-1.0.3-SNAPSHOT.ivy
b/zookeeper-api/zookeeper-api-1.0.3-SNAPSHOT.ivy
index 9b5592179..352dc50af 100644
--- a/zookeeper-api/zookeeper-api-1.0.3-SNAPSHOT.ivy
+++ b/zookeeper-api/zookeeper-api-1.0.3-SNAPSHOT.ivy
@@ -44,9 +44,8 @@ under the License.
<artifact name="log4j-slf4j-impl" ext="jar"/>
</dependency>
<dependency org="org.apache.zookeeper" name="zookeeper" rev="3.4.13"
conf="compile->compile(default);runtime->runtime(default);default->default"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.11.0" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
- <dependency org="org.codehaus.jackson"
name="jackson-mapper-asl" rev="1.9.13" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-databind" rev="2.12.6.1" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
+ <dependency org="com.fasterxml.jackson.core"
name="jackson-core" rev="2.12.6" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="commons-cli" name="commons-cli" rev="1.2"
force="true" conf="compile->compile(*),master(*);runtime->runtime(*)"/>
<dependency org="org.apache.httpcomponents" name="httpclient"
rev="4.5.8" force="true"
conf="compile->compile(*),master(*);runtime->runtime(*)"/>
</dependencies>
