首页 发现 帮助
注册 登录
apache
/
zookeeper
镜像自地址 https://gitee.com/apache/zookeeper.git
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

ZOOKEEPER-4505: CVE-2020-36518 - Upgrade jackson databind to 2.13.2.1

CVE-2020-36518 vulnerability affects jackson-databind in Zookeeper (see https://github.com/advisories/GHSA-57j2-w4cx-62h2).

Upgrading to jackson-databind version 2.13.2.1 should address this issue.

Author: Edwin Hobor <edwinhobor@gmail.com>

Reviewers: maoling <maoling@apache.org>,Enrico Olivelli <eolivelli@apache.org>, Mohammad Arshad <arshad@apache.org>

Closes #1842 from edwin092/edwin/ZOOKEEPER-4505
Edwin Hobor 3 年之前
父节点
91e0520133
当前提交
78bbb123cf
共有 1 个文件被更改,包括 1 次插入1 次删除
分列视图 显示文件统计
  1. 1 1
      pom.xml

+ 1 - 1
pom.xml
查看文件 

@@ -470,7 +470,7 @@
 
     <netty.version>4.1.73.Final</netty.version>
 
     <netty.tcnative.version>2.0.48.Final</netty.tcnative.version>
 
     <jetty.version>9.4.43.v20210629</jetty.version>
 
-    <jackson.version>2.13.1</jackson.version>
 
+    <jackson.version>2.13.2.1</jackson.version>
 
     <jline.version>2.14.6</jline.version>
 
     <snappy.version>1.1.7.7</snappy.version>
 
     <kerby.version>2.0.0</kerby.version>