Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ARROW-1242: [JAVA] upgrade jackson to mitigate security vulnerabilities #872

Closed
wants to merge 3 commits into from
Closed

ARROW-1242: [JAVA] upgrade jackson to mitigate security vulnerabilities #872

wants to merge 3 commits into from

Conversation

mattdarwin
Copy link

No description provided.

@mattdarwin mattdarwin changed the title 1242 - upgrade jackson to mitigate security vulnerabilities ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabilities Jul 20, 2017
@mattdarwin mattdarwin changed the title ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabilities ARROW-1242: [JAVA] upgrade jackson to mitigate security vulnerabilities Jul 20, 2017
@jacques-n
Copy link
Contributor

I'm not sure the issues noted are actually relevant to our use of Jackson (they seem to be only impacting the xml component, which I don't believe we use). Let's upgrade to the version the maintenance release that fixes on the same release train as we're based on (2.7.8+) as opposed to jumping to 2.8. I think 2.7.9 is latest current train avail.

@mattdarwin
Copy link
Author

ok thanks for the feedback. will submit this in a new pull request shortly.

@mattdarwin mattdarwin mentioned this pull request Aug 1, 2017
Closed
@mattdarwin mattdarwin closed this Aug 1, 2017
asfgit pushed a commit that referenced this pull request Aug 8, 2017
@wesm
ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabili…
a9c2f19 
…ties

As per #872 I am upgrading Jackson to the latest version on the current train (2.7.1 --> 2.7.9)

Author: Matt Darwin <(none)>
Author: Matt <[email protected]>

Closes #929 from mattdarwin/ARROW-1242-upgrade-jackson and squashes the following commits:

d059517 [Matt Darwin] 1242 upgraing jackson to 2.7.9
bc3b6a0 [Matt] Merge pull request #1 from apache/master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mattdarwin @jacques-n