[
https://issues.apache.org/jira/browse/PARQUET-2127?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17531612#comment-17531612
]
Brais Couce commented on PARQUET-2127:
--------------------------------------
Hi,
I see that the first PR was merged into master and there is a second PR to
update again the version. Does this means that this ticket will be included in
the next version (1.13.0)? Do you know if there is release date?
Regards.
> Security risk in latest parquet-jackson-1.12.2.jar
> --------------------------------------------------
>
> Key: PARQUET-2127
> URL: https://issues.apache.org/jira/browse/PARQUET-2127
> Project: Parquet
> Issue Type: Improvement
> Reporter: phoebe chen
> Priority: Major
>
> Embed jackson-databind:2.11.4 has security risk of Possible DoS if using JDK
> serialization to serialize JsonNode
> ([https://github.com/FasterXML/jackson-databind/issues/3328] ), upgrade to
> 2.13.1 can fix this.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
