[jira] [Commented] (OAK-9479) oak-search-elastic: upgrade jackson-databind to 2.10.5.1

Julian Reschke (Jira) Thu, 01 Jul 2021 03:20:10 -0700


    [ 
https://issues.apache.org/jira/browse/OAK-9479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17372612#comment-17372612
 ]


Julian Reschke commented on OAK-9479:
-------------------------------------

IMHO it would be simpler to update everything to 2.12.3

> oak-search-elastic: upgrade jackson-databind to 2.10.5.1
> --------------------------------------------------------
>
>                 Key: OAK-9479
>                 URL: https://issues.apache.org/jira/browse/OAK-9479
>             Project: Jackrabbit Oak
>          Issue Type: Task
>          Components: elastic-search, search
>            Reporter: Fabrizio Fortino
>            Assignee: Fabrizio Fortino
>            Priority: Major
>             Fix For: 1.42.0
>
>
> The current version (2.10.3) is affected by this vulnerability 
> https://nvd.nist.gov/vuln/detail/CVE-2020-25649



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (OAK-9479) oak-search-elastic: upgrade jackson-databind to 2.10.5.1

Reply via email to