[
https://issues.apache.org/jira/browse/HADOOP-16905?focusedWorklogId=690212&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-690212
]
ASF GitHub Bot logged work on HADOOP-16905:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 03/Dec/21 17:43
Start Date: 03/Dec/21 17:43
Worklog Time Spent: 10m
Work Description: aajisaka commented on pull request #3748:
URL: https://github.com/apache/hadoop/pull/3748#issuecomment-985708809
@brahmareddybattula Would you take a look?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 690212)
Time Spent: 2h (was: 1h 50m)
> Update jackson-databind to 2.10.3 to relieve us from the endless CVE patches
> ----------------------------------------------------------------------------
>
> Key: HADOOP-16905
> URL: https://issues.apache.org/jira/browse/HADOOP-16905
> Project: Hadoop Common
> Issue Type: Sub-task
> Reporter: Wei-Chiu Chuang
> Assignee: Wei-Chiu Chuang
> Priority: Major
> Labels: pull-request-available, release-blocker
> Fix For: 3.3.0
>
> Time Spent: 2h
> Remaining Estimate: 0h
>
> Jackson-databind 2.10 should relieve us from the endless CVE patches
> according to
> https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2
> Not sure if this is an easy update, but i think we should do this in the
> Hadoop 3.3.0 and before removing jackson-databind entirely.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
