Skip to content

ARROW-1242: [JAVA] upgrade jackson to mitigate security vulnerabilities #872

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

ARROW-1242: [JAVA] upgrade jackson to mitigate security vulnerabilities #872

wants to merge 3 commits into from

Conversation

@mattdarwin
Copy link

No description provided.

@mattdarwin mattdarwin changed the title 1242 - upgrade jackson to mitigate security vulnerabilities ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabilities Jul 20, 2017
@mattdarwin mattdarwin changed the title ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabilities ARROW-1242: [JAVA] upgrade jackson to mitigate security vulnerabilities Jul 20, 2017
@jacques-n
Copy link
Contributor

I'm not sure the issues noted are actually relevant to our use of Jackson (they seem to be only impacting the xml component, which I don't believe we use). Let's upgrade to the version the maintenance release that fixes on the same release train as we're based on (2.7.8+) as opposed to jumping to 2.8. I think 2.7.9 is latest current train avail.

@mattdarwin
Copy link
Author

ok thanks for the feedback. will submit this in a new pull request shortly.

@mattdarwin mattdarwin mentioned this pull request Aug 1, 2017
Closed
@mattdarwin mattdarwin closed this Aug 1, 2017
asfgit pushed a commit that referenced this pull request Aug 8, 2017
@wesm
ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabili…
a9c2f19 
…ties

As per #872 I am upgrading Jackson to the latest version on the current train (2.7.1 --> 2.7.9)

Author: Matt Darwin <(none)>
Author: Matt <mattdarwin@yahoo.co.uk>

Closes #929 from mattdarwin/ARROW-1242-upgrade-jackson and squashes the following commits:

d059517 [Matt Darwin] 1242 upgraing jackson to 2.7.9
bc3b6a0 [Matt] Merge pull request #1 from apache/master
pribor pushed a commit to GlobalWebIndex/arrow that referenced this pull request Oct 24, 2025
@kou
ARROW-1242: [JAVA] - upgrade jackson to mitigate security vulnerabili…
6a21b93 
…ties

As per apache#872 I am upgrading Jackson to the latest version on the current train (2.7.1 --> 2.7.9)

Author: Matt Darwin <(none)>
Author: Matt <mattdarwin@yahoo.co.uk>

Closes apache#929 from mattdarwin/ARROW-1242-upgrade-jackson and squashes the following commits:

d059517 [Matt Darwin] 1242 upgraing jackson to 2.7.9
bc3b6a0 [Matt] Merge pull request #1 from apache/master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mattdarwin @jacques-n