[
https://issues.apache.org/jira/browse/FLUME-3112?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16140284#comment-16140284
]
ASF subversion and git services commented on FLUME-3112:
--------------------------------------------------------
Commit 3cd1b331308d8d312fae258d94cd64a69ceb1644 in flume's branch
refs/heads/trunk from [~fszabo]
[ https://git-wip-us.apache.org/repos/asf?p=flume.git;h=3cd1b33 ]
FLUME-3112. Upgrade jackson-core library dependency
Upgrading the version in dependency management and removing unused ones.
Both 1.x and 2.x jackson versions are needed, renamed the jackson.version
property to codehaus.jackson.version and added fasterxml.jackson.version
for the 2.x jackson.
This closes #154
Reviewers: Attila Simon, Miklos Csanady, Denes Arvay
(Ferenc Szabo via Denes Arvay)
> Upgrade jackson-core library dependency
> ---------------------------------------
>
> Key: FLUME-3112
> URL: https://issues.apache.org/jira/browse/FLUME-3112
> Project: Flume
> Issue Type: Bug
> Affects Versions: 1.7.0
> Reporter: Attila Simon
> Assignee: Ferenc Szabo
> Priority: Critical
> Labels: dependency
> Fix For: 1.8.0
>
> Attachments: FLUME-3112.patch
>
>
> ||Group||Artifact||Version used||Upgrade target||
> |com.fasterxml.jackson.core|jackson-core|2.3.1|2.8.9|
> Security vulnerability: http://www.cvedetails.com/cve/CVE-2016-7051/
> Please do:
> - double check the newest version.
> - consider to remove a dependency if better alternative is available.
> - check whether the lib change would introduce a backward incompatibility (in
> which case please add this label `breaking_change` and fix version should be
> the next major)
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
