hive-issues mailing list archives

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	"Karen Coppage (Jira)" <j...@apache.org>
Subject	[jira] [Updated] (HIVE-23338) Bump jackson-databind version up to 2.9.10.4
Date	Fri, 08 May 2020 07:20:00 GMT
[ https://issues.apache.org/jira/browse/HIVE-23338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Karen Coppage updated HIVE-23338: --------------------------------- Status: Open (was: Patch Available) > Bump jackson-databind version up to 2.9.10.4 > -------------------------------------------- > > Key: HIVE-23338 > URL: https://issues.apache.org/jira/browse/HIVE-23338 > Project: Hive > Issue Type: Improvement > Reporter: Karen Coppage > Assignee: Karen Coppage > Priority: Major > Attachments: HIVE-23338.01.patch, HIVE-23338.01.patch, HIVE-23338.01.patch, HIVE-23338.01.patch, HIVE-23338.02.patch, HIVE-23338.03.patch, HIVE-23338.03.patch > > > com.fasterxml.jackson.core:jackson-databind:2.9.9 is exploitable. > And exclude a transitive dependency on com.fasterxml.jackson.core:jackson-databind:2.6.5, which is also exploitable. -- This message was sent by Atlassian Jira (v8.3.4#803005)
Mime	Unnamed text/plain (inline, 7-Bit, 1027 bytes)
	View raw message