This is an automated email from the ASF dual-hosted git repository. joemcdonnell pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/impala.git
commit 7581cedd522a1f0819326456552c3318660a450d Author: Joe McDonnell <[email protected]> AuthorDate: Mon Aug 22 13:09:46 2022 -0700 IMPALA-11394: Update jackson-databind to 2.12.6.1 This updates jackson-databind to address CVE-2020-36518. Testing: - Ran a core job Change-Id: I8db403a102097a22c48f5d9d42ced3b85930078f Reviewed-on: http://gerrit.cloudera.org:8080/18891 Reviewed-by: Wenzhe Zhou <[email protected]> Tested-by: Impala Public Jenkins <[email protected]> --- java/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/pom.xml b/java/pom.xml index 409a15c05..6b972aea8 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -65,7 +65,7 @@ under the License. so it's important to depend on the same one --> <guava.version>28.1-jre</guava.version> <derby.version>10.14.2.0</derby.version> - <jackson-databind.version>2.10.5.1</jackson-databind.version> + <jackson-databind.version>2.12.6.1</jackson-databind.version> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <iceberg.version>${env.IMPALA_ICEBERG_VERSION}</iceberg.version> <pac4j.version>4.5.5</pac4j.version>
