Skip to content

Commit

Permalink
Update Jackson Databind to 2.13.4.2 (addressing CVE-2022-42003) (#4779)
Browse files Browse the repository at this point in the history 
Signed-off-by: Andriy Redko <[email protected]>

Signed-off-by: Andriy Redko <[email protected]>
  • Loading branch information
@reta
reta authored Oct 13, 2022
1 parent 18f1fa3 commit 12f26d3
Show file tree
Hide file tree
Showing 14 changed files with 8 additions and 7 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
- Bumps `jempbox` from 1.8.16 to 1.8.17 ([#4550](https://github.com/opensearch-project/OpenSearch/pull/4550))
- Bumps `hadoop-hdfs` from 3.3.3 to 3.3.4 ([#4644](https://github.com/opensearch-project/OpenSearch/pull/4644))
- Bumps `jna` from 5.11.0 to 5.12.1 ([#4656](https://github.com/opensearch-project/OpenSearch/pull/4656))
- Update Jackson Databind to 2.13.4.2 (addressing CVE-2022-42003) ([#4779](https://github.com/opensearch-project/OpenSearch/pull/4779))
### Changed
- Dependency updates (httpcore, mockito, slf4j, httpasyncclient, commons-codec) ([#4308](https://github.com/opensearch-project/OpenSearch/pull/4308))
- Use RemoteSegmentStoreDirectory instead of RemoteDirectory ([#4240](https://github.com/opensearch-project/OpenSearch/pull/4240))
Expand Down
2 changes: 1 addition & 1 deletion buildSrc/version.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ bundled_jdk = 17.0.4+8
spatial4j = 0.7
jts = 1.15.0
jackson = 2.13.4
jackson_databind = 2.13.4
jackson_databind = 2.13.4.2
snakeyaml = 1.32
icu4j = 70.1
supercsv = 2.4.0
Expand Down
1 change: 1 addition & 0 deletions distribution/tools/upgrade-cli/licenses/jackson-databind-2.13.4.2.jar.sha1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
325c06bdfeb628cfb80ebaaf1a26cc1eb558a585
1 change: 0 additions & 1 deletion distribution/tools/upgrade-cli/licenses/jackson-databind-2.13.4.jar.sha1
View file

This file was deleted.

1 change: 1 addition & 0 deletions modules/ingest-geoip/licenses/jackson-databind-2.13.4.2.jar.sha1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
325c06bdfeb628cfb80ebaaf1a26cc1eb558a585
1 change: 0 additions & 1 deletion modules/ingest-geoip/licenses/jackson-databind-2.13.4.jar.sha1
View file

This file was deleted.

1 change: 1 addition & 0 deletions plugins/discovery-ec2/licenses/jackson-databind-2.13.4.2.jar.sha1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
325c06bdfeb628cfb80ebaaf1a26cc1eb558a585
1 change: 0 additions & 1 deletion plugins/discovery-ec2/licenses/jackson-databind-2.13.4.jar.sha1
View file

This file was deleted.

1 change: 1 addition & 0 deletions plugins/repository-azure/licenses/jackson-databind-2.13.4.2.jar.sha1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
325c06bdfeb628cfb80ebaaf1a26cc1eb558a585
1 change: 0 additions & 1 deletion plugins/repository-azure/licenses/jackson-databind-2.13.4.jar.sha1
View file

This file was deleted.

1 change: 1 addition & 0 deletions plugins/repository-hdfs/licenses/jackson-databind-2.13.4.2.jar.sha1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
325c06bdfeb628cfb80ebaaf1a26cc1eb558a585
1 change: 0 additions & 1 deletion plugins/repository-hdfs/licenses/jackson-databind-2.13.4.jar.sha1
View file

This file was deleted.

1 change: 1 addition & 0 deletions plugins/repository-s3/licenses/jackson-databind-2.13.4.2.jar.sha1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
325c06bdfeb628cfb80ebaaf1a26cc1eb558a585
1 change: 0 additions & 1 deletion plugins/repository-s3/licenses/jackson-databind-2.13.4.jar.sha1
View file

This file was deleted.

0 comments on commit 12f26d3

Please sign in to comment.