Github user prabhjyotsingh commented on the issue:
https://github.com/apache/zeppelin/pull/2962
Yes, nothing critical, but there have been a lot of fixes in
jackson-databind and some of those are security patches as well. I have tested
manually none those apply to Zeppelin (for now), but upgrading these libraries
will make up future secure from accidental usage.---
