[jira] [Created] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

Colm O hEigeartaigh (JIRA) Tue, 12 Dec 2017 04:15:29 -0800

Colm O hEigeartaigh created KNOX-1145:
-----------------------------------------


             Summary: Upgrade Jackson due to CVE-2017-7525
                 Key: KNOX-1145
                 URL: https://issues.apache.org/jira/browse/KNOX-1145
             Project: Apache Knox
          Issue Type: Improvement
            Reporter: Colm O hEigeartaigh
            Assignee: Colm O hEigeartaigh
             Fix For: 1.0.0


Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
there is a security advisory CVE-2017-7525 released for this component:

https://github.com/FasterXML/jackson-databind/issues/1599

We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

Reply via email to