(pulsar) branch branch-4.1 updated: [fix][sec] Upgrade Jackson version to 2.18.6 (#25264)

mmerli Sun, 01 Mar 2026 14:48:53 -0800

This is an automated email from the ASF dual-hosted git repository.

mmerli pushed a commit to branch branch-4.1
in repository https://gitbox.apache.org/repos/asf/pulsar.git



The following commit(s) were added to refs/heads/branch-4.1 by this push:
     new d11bb98f0c7 [fix][sec] Upgrade Jackson version to 2.18.6 (#25264)
d11bb98f0c7 is described below

commit d11bb98f0c743463f7db5483ad28a02f0f8e8c29
Author: Oneby Wang <[email protected]>
AuthorDate: Mon Mar 2 06:46:45 2026 +0800

    [fix][sec] Upgrade Jackson version to 2.18.6 (#25264)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 22 +++++++++++-----------
 distribution/shell/src/assemble/LICENSE.bin.txt  | 22 +++++++++++-----------
 pom.xml                                          |  2 +-
 3 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt 
b/distribution/server/src/assemble/LICENSE.bin.txt
index a571e17c179..4879d43f60d 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -249,17 +249,17 @@ The Apache Software License, Version 2.0
      - info.picocli-picocli-shell-jline3-4.7.5.jar
  * High Performance Primitive Collections for Java -- 
com.carrotsearch-hppc-0.9.1.jar
  * Jackson
-     - com.fasterxml.jackson.core-jackson-annotations-2.17.2.jar
-     - com.fasterxml.jackson.core-jackson-core-2.17.2.jar
-     - com.fasterxml.jackson.core-jackson-databind-2.17.2.jar
-     - com.fasterxml.jackson.dataformat-jackson-dataformat-yaml-2.17.2.jar
-     - com.fasterxml.jackson.jaxrs-jackson-jaxrs-base-2.17.2.jar
-     - com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.17.2.jar
-     - com.fasterxml.jackson.module-jackson-module-jaxb-annotations-2.17.2.jar
-     - com.fasterxml.jackson.module-jackson-module-jsonSchema-2.17.2.jar
-     - com.fasterxml.jackson.datatype-jackson-datatype-jdk8-2.17.2.jar
-     - com.fasterxml.jackson.datatype-jackson-datatype-jsr310-2.17.2.jar
-     - com.fasterxml.jackson.module-jackson-module-parameter-names-2.17.2.jar
+     - com.fasterxml.jackson.core-jackson-annotations-2.18.6.jar
+     - com.fasterxml.jackson.core-jackson-core-2.18.6.jar
+     - com.fasterxml.jackson.core-jackson-databind-2.18.6.jar
+     - com.fasterxml.jackson.dataformat-jackson-dataformat-yaml-2.18.6.jar
+     - com.fasterxml.jackson.jaxrs-jackson-jaxrs-base-2.18.6.jar
+     - com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.18.6.jar
+     - com.fasterxml.jackson.module-jackson-module-jaxb-annotations-2.18.6.jar
+     - com.fasterxml.jackson.module-jackson-module-jsonSchema-2.18.6.jar
+     - com.fasterxml.jackson.datatype-jackson-datatype-jdk8-2.18.6.jar
+     - com.fasterxml.jackson.datatype-jackson-datatype-jsr310-2.18.6.jar
+     - com.fasterxml.jackson.module-jackson-module-parameter-names-2.18.6.jar
  * Caffeine -- com.github.ben-manes.caffeine-caffeine-3.2.3.jar
  * Conscrypt -- org.conscrypt-conscrypt-openjdk-uber-2.5.2.jar
  * Fastutil -- it.unimi.dsi-fastutil-8.5.16.jar
diff --git a/distribution/shell/src/assemble/LICENSE.bin.txt 
b/distribution/shell/src/assemble/LICENSE.bin.txt
index 60e52b3aec4..09122402d89 100644
--- a/distribution/shell/src/assemble/LICENSE.bin.txt
+++ b/distribution/shell/src/assemble/LICENSE.bin.txt
@@ -313,17 +313,17 @@ The Apache Software License, Version 2.0
      - picocli-4.7.5.jar
      - picocli-shell-jline3-4.7.5.jar
  * Jackson
-     - jackson-annotations-2.17.2.jar
-     - jackson-core-2.17.2.jar
-     - jackson-databind-2.17.2.jar
-     - jackson-dataformat-yaml-2.17.2.jar
-     - jackson-jaxrs-base-2.17.2.jar
-     - jackson-jaxrs-json-provider-2.17.2.jar
-     - jackson-module-jaxb-annotations-2.17.2.jar
-     - jackson-module-jsonSchema-2.17.2.jar
-     - jackson-datatype-jdk8-2.17.2.jar
-     - jackson-datatype-jsr310-2.17.2.jar
-     - jackson-module-parameter-names-2.17.2.jar
+     - jackson-annotations-2.18.6.jar
+     - jackson-core-2.18.6.jar
+     - jackson-databind-2.18.6.jar
+     - jackson-dataformat-yaml-2.18.6.jar
+     - jackson-jaxrs-base-2.18.6.jar
+     - jackson-jaxrs-json-provider-2.18.6.jar
+     - jackson-module-jaxb-annotations-2.18.6.jar
+     - jackson-module-jsonSchema-2.18.6.jar
+     - jackson-datatype-jdk8-2.18.6.jar
+     - jackson-datatype-jsr310-2.18.6.jar
+     - jackson-module-parameter-names-2.18.6.jar
  * Conscrypt -- conscrypt-openjdk-uber-2.5.2.jar
  * Gson
     - gson-2.13.2.jar
diff --git a/pom.xml b/pom.xml
index f93480a52bf..c314156fc4c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -207,7 +207,7 @@ flexible messaging model and an intuitive client 
API.</description>
     
<bouncycastle.bcprov-ext-jdk18on.version>1.78.1</bouncycastle.bcprov-ext-jdk18on.version>
     <bouncycastle.bcpkix-fips.version>2.0.10</bouncycastle.bcpkix-fips.version>
     <bouncycastle.bc-fips.version>2.0.1</bouncycastle.bc-fips.version>
-    <jackson.version>2.17.2</jackson.version>
+    <jackson.version>2.18.6</jackson.version>
     <fastutil.version>8.5.16</fastutil.version>
     <jctools.version>4.0.5</jctools.version>
     <reflections.version>0.10.2</reflections.version>

(pulsar) branch branch-4.1 updated: [fix][sec] Upgrade Jackson version to 2.18.6 (#25264)

Reply via email to