From issues-return-184-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org  Sun Jun 23 20:22:02 2019
Return-Path: <issues-return-184-archive-asf-public=cust-asf.ponee.io@zookeeper.apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [207.244.88.153])
	by mx-eu-01.ponee.io (Postfix) with SMTP id 53CB8180679
	for <archive-asf-public@cust-asf.ponee.io>; Sun, 23 Jun 2019 22:22:02 +0200 (CEST)
Received: (qmail 61235 invoked by uid 500); 23 Jun 2019 20:22:00 -0000
Mailing-List: contact issues-help@zookeeper.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@zookeeper.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@zookeeper.apache.org>
List-Post: <mailto:issues@zookeeper.apache.org>
List-Id: <issues.zookeeper.apache.org>
Reply-To: dev@zookeeper.apache.org
Delivered-To: mailing list issues@zookeeper.apache.org
Received: (qmail 61214 invoked by uid 99); 23 Jun 2019 20:22:00 -0000
Received: from mailrelay1-us-west.apache.org (HELO mailrelay1-us-west.apache.org) (209.188.14.139)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 23 Jun 2019 20:22:00 +0000
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 57C45E2DF6
	for <issues@zookeeper.apache.org>; Sun, 23 Jun 2019 20:22:00 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 1452B2544B
	for <issues@zookeeper.apache.org>; Sun, 23 Jun 2019 20:22:00 +0000 (UTC)
Date: Sun, 23 Jun 2019 20:22:00 +0000 (UTC)
From: "Enrico Olivelli (JIRA)" <jira@apache.org>
To: issues@zookeeper.apache.org
Message-ID: <JIRA.13241127.1561321289000.523516.1561321320077@Atlassian.JIRA>
In-Reply-To: <JIRA.13241127.1561321289000@Atlassian.JIRA>
References: <JIRA.13241127.1561321289000@Atlassian.JIRA> <JIRA.13241127.1561321289436@jira-lw-us.apache.org>
Subject: [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging
 jackson-databind-2.9.9.jar for CVE-2019-12814
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394

Enrico Olivelli created ZOOKEEPER-3441:
------------------------------------------

             Summary: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814
                 Key: ZOOKEEPER-3441
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3441
             Project: ZooKeeper
          Issue Type: Bug
          Components: build, security
    Affects Versions: 3.6.0
            Reporter: Enrico Olivelli
            Assignee: Enrico Olivelli
             Fix For: 3.6.0


OWASP dependency checker is flagging jackson-databind-2.9.9.jar for CVE-2019-12814
We should upgrade the library or add a suppression.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)