Skip to content

Commit

Permalink
[LIVY-458][BUILD] Upgrade jackson version to 2.9.5
Browse files Browse the repository at this point in the history 
## What changes were proposed in this pull request?

Due to several security issues of jackson databind module (CVE-2018-5968, CVE-2017-17485, CVE-2018-7489), here propose to upgrade jackson version 2.9.5.

## How was this patch tested?

Existing UTs.

Author: jerryshao <[email protected]>

Closes apache#87 from jerryshao/LIVY-458.
  • Loading branch information
@jerryshao
jerryshao committed Apr 18, 2018
1 parent cd8b112 commit 71c3fee
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@
<guava.version>15.0</guava.version>
<httpclient.version>4.5.3</httpclient.version>
<httpcore.version>4.4.4</httpcore.version>
<jackson.version>2.9.2</jackson.version>
<jackson.version>2.9.5</jackson.version>
<javax.servlet-api.version>3.1.0</javax.servlet-api.version>
<jetty.version>9.2.16.v20160414</jetty.version>
<json4s.version>3.2.10</json4s.version>
Expand Down

0 comments on commit 71c3fee

Please sign in to comment.