Skip to content

ZOOKEEPER-4429: Update jackson-databind to 2.13.1#1787

Closed
frederiko wants to merge 1 commit intoapache:branch-3.6from
frederiko:ZOOKEEPER-4429_zk_3.6_jackson_upgrade
Closed

ZOOKEEPER-4429: Update jackson-databind to 2.13.1#1787
frederiko wants to merge 1 commit intoapache:branch-3.6from
frederiko:ZOOKEEPER-4429_zk_3.6_jackson_upgrade

Conversation

@frederiko
Copy link
Contributor

This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated PropertyNamingStrategy class initialization issue #2715.

Copy link
Contributor

@eolivelli eolivelli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left one comment, please take a look

@frederiko frederiko force-pushed the ZOOKEEPER-4429_zk_3.6_jackson_upgrade branch from 00ba570 to 265dff9 Compare January 20, 2022 23:51
@frederiko frederiko requested a review from eolivelli January 20, 2022 23:51
@maoling maoling closed this Jan 22, 2022
@maoling maoling reopened this Jan 22, 2022
@maoling
Copy link
Member

maoling commented Jan 22, 2022

@frederiko The latest code has a checkstyle violation, we don't need that line before import java.io.IOException.
mvn checkstyle:check to check this

@frederiko
Copy link
Contributor Author

frederiko commented Jan 22, 2022

@maoling Sure. Will take a look.

@frederiko frederiko force-pushed the ZOOKEEPER-4429_zk_3.6_jackson_upgrade branch from 265dff9 to cfc7f0d Compare January 22, 2022 18:39
asfgit pushed a commit that referenced this pull request Jan 24, 2022
This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated PropertyNamingStrategy class initialization issue #2715.

Author: Frederiko Costa <frederiko@gmail.com>

Reviewers: Enrico Olivelli <eolivelli@apache.org>, Shoothzj <shoothzj@gmail.com>, maoling <maoling@apache.org>

Closes #1787 from frederiko/ZOOKEEPER-4429_zk_3.6_jackson_upgrade
@maoling
Copy link
Member

maoling commented Jan 24, 2022

@frederiko
Thanks for your contribution.

@maoling maoling closed this Jan 24, 2022
desaikomal pushed a commit to linkedin/zookeeper that referenced this pull request Jun 17, 2023
This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated PropertyNamingStrategy class initialization issue #2715.

Author: Frederiko Costa <frederiko@gmail.com>

Reviewers: Enrico Olivelli <eolivelli@apache.org>, Shoothzj <shoothzj@gmail.com>, maoling <maoling@apache.org>

Closes apache#1787 from frederiko/ZOOKEEPER-4429_zk_3.6_jackson_upgrade
desaikomal pushed a commit to linkedin/zookeeper that referenced this pull request Jun 27, 2023
This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated PropertyNamingStrategy class initialization issue #2715.

Author: Frederiko Costa <frederiko@gmail.com>

Reviewers: Enrico Olivelli <eolivelli@apache.org>, Shoothzj <shoothzj@gmail.com>, maoling <maoling@apache.org>

Closes apache#1787 from frederiko/ZOOKEEPER-4429_zk_3.6_jackson_upgrade
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants