arrow-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matt Darwin (JIRA)" <j...@apache.org>
Subject [jira] [Created] (ARROW-1242) security - upgrade Jackson to mitigate 3 CVE vulnerabilities
Date Thu, 20 Jul 2017 13:23:00 GMT
Matt Darwin created ARROW-1242:
----------------------------------

             Summary: security - upgrade Jackson to mitigate 3 CVE vulnerabilities
                 Key: ARROW-1242
                 URL: https://issues.apache.org/jira/browse/ARROW-1242
             Project: Apache Arrow
          Issue Type: Bug
          Components: Java - Memory, Java - Vectors
    Affects Versions: 0.4.1
            Reporter: Matt Darwin
             Fix For: 0.5.0


please consider upgrading jackson to mitigate its various vulnerabilities in 2.7.1:
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson

see also
https://github.com/FasterXML/jackson-databind/issues/1599



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message