zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hudson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-3405) owasp flagging jackson-databind
Date Thu, 30 May 2019 23:34:00 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-3405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16852452#comment-16852452
] 

Hudson commented on ZOOKEEPER-3405:
-----------------------------------

FAILURE: Integrated in Jenkins build ZooKeeper-trunk #546 (See [https://builds.apache.org/job/ZooKeeper-trunk/546/])
ZOOKEEPER-3405: Upgrade the version of Jackson-databind to address OWASP (nkalmar: rev ca4b12430ef579f67785146a195ebfed5ca73f39)
* (edit) pom.xml
* (edit) build.xml


> owasp flagging jackson-databind
> -------------------------------
>
>                 Key: ZOOKEEPER-3405
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3405
>             Project: ZooKeeper
>          Issue Type: Bug
>    Affects Versions: 3.6.0, 3.5.5
>            Reporter: Patrick Hunt
>            Assignee: Patrick Hunt
>            Priority: Critical
>              Labels: pull-request-available
>             Fix For: 3.6.0, 3.5.6
>
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> Owasp job is flagging jackson-databind for update:
> CVE-2019-12086	CWE-200 Information Exposure	Medium(5.0)	jackson-databind-2.9.8.jar



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message