[jira] [Updated] (CALCITE-5115) Upgrade jackson-databind from 2.9.10.1 to 2.13.2.1, and jackson from 2.10.0 to 2.13.2.1

Julian Hyde (Jira) Tue, 26 Apr 2022 14:27:07 -0700


     [ 
https://issues.apache.org/jira/browse/CALCITE-5115?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Julian Hyde updated CALCITE-5115:
---------------------------------
    Description: Upgrading jackson-databind is required to fix 
[CVE-2020-36518|https://nvd.nist.gov/vuln/detail/CVE-2020-36518]; the fix 
requires jackson-databind version 2.12.6.1, or 2.13.2.1 or greater.  (was: 
[https://nvd.nist.gov/vuln/detail/CVE-2020-36518]

required version: 2.12.6.1, 2.13.2.1 or greater)

> Upgrade jackson-databind from 2.9.10.1 to 2.13.2.1, and jackson from 2.10.0 
> to 2.13.2.1
> ---------------------------------------------------------------------------------------
>
>                 Key: CALCITE-5115
>                 URL: https://issues.apache.org/jira/browse/CALCITE-5115
>             Project: Calcite
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.30.0
>            Reporter: Florian Brams
>            Assignee: Julian Hyde
>            Priority: Major
>             Fix For: 1.31.0
>
>
> Upgrading jackson-databind is required to fix 
> [CVE-2020-36518|https://nvd.nist.gov/vuln/detail/CVE-2020-36518]; the fix 
> requires jackson-databind version 2.12.6.1, or 2.13.2.1 or greater.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Updated] (CALCITE-5115) Upgrade jackson-databind from 2.9.10.1 to 2.13.2.1, and jackson from 2.10.0 to 2.13.2.1

Reply via email to