This is an automated email from the ASF dual-hosted git repository.
technoboy pushed a commit to branch branch-2.11
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/branch-2.11 by this push:
new bd2875667bd [fix][sec] Upgrade jackson-databind to 2.13.4.2 to get rid
of CVE-2022-42003 (#18394)
bd2875667bd is described below
commit bd2875667bda8c4c81c349f058519792a51abe98
Author: Nicolò Boschi <[email protected]>
AuthorDate: Thu Nov 10 16:53:42 2022 +0100
[fix][sec] Upgrade jackson-databind to 2.13.4.2 to get rid of
CVE-2022-42003 (#18394)
* [fix][sec] Upgrade jackson-databind to 2.13.4.2 to get rid of
CVE-2022-42003
* Fix IO jackson dependencies
* Fix IO http
* revert unrelated change
---
pulsar-io/http/pom.xml | 1 -
1 file changed, 1 deletion(-)
diff --git a/pulsar-io/http/pom.xml b/pulsar-io/http/pom.xml
index cd5a38d0ada..b190b0f5cc1 100644
--- a/pulsar-io/http/pom.xml
+++ b/pulsar-io/http/pom.xml
@@ -51,7 +51,6 @@
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-jsr310</artifactId>
- <version>${jackson.version}</version>
</dependency>
<dependency>
