Skip to content

Commit

Permalink
[CVE-2020-36518] Update jackson-databind to 2.13.2.2 (#2705)
Browse files Browse the repository at this point in the history
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
  • Loading branch information
reta authored Apr 1, 2022
1 parent 6c1599c commit dc46a09
Show file tree
Hide file tree
Showing 24 changed files with 18 additions and 17 deletions.
2 changes: 1 addition & 1 deletion buildSrc/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ dependencies {
api 'com.avast.gradle:gradle-docker-compose-plugin:0.12.1'
api 'org.apache.maven:maven-model:3.6.2'
api 'com.networknt:json-schema-validator:1.0.36'
api "com.fasterxml.jackson.core:jackson-databind:${props.getProperty('jackson')}"
api "com.fasterxml.jackson.core:jackson-databind:${props.getProperty('jackson_databind')}"

testFixturesApi "junit:junit:${props.getProperty('junit')}"
testFixturesApi "com.carrotsearch.randomizedtesting:randomizedtesting-runner:${props.getProperty('randomizedrunner')}"
Expand Down
1 change: 1 addition & 0 deletions buildSrc/version.properties
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ bundled_jdk = 11.0.14.1+1
spatial4j = 0.7
jts = 1.15.0
jackson = 2.13.2
jackson_databind = 2.13.2.2
snakeyaml = 1.26
icu4j = 62.1
supercsv = 2.4.0
Expand Down
2 changes: 1 addition & 1 deletion distribution/tools/upgrade-cli/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ dependencies {
compileOnly project(":server")
compileOnly project(":libs:opensearch-cli")
implementation "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
implementation "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
implementation "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
implementation "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
testImplementation project(":test:framework")
testImplementation 'com.google.jimfs:jimfs:1.2'
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ffeb635597d093509f33e1e94274d14be610f933

This file was deleted.

2 changes: 1 addition & 1 deletion libs/dissect/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ dependencies {
}
testImplementation "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
testImplementation "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
testImplementation "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
testImplementation "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
}

tasks.named('forbiddenApisMain').configure {
Expand Down
2 changes: 1 addition & 1 deletion modules/ingest-geoip/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ dependencies {
api('com.maxmind.geoip2:geoip2:2.16.1')
// geoip2 dependencies:
api("com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}")
api("com.fasterxml.jackson.core:jackson-databind:${versions.jackson}")
api("com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}")
api('com.maxmind.db:maxmind-db:2.0.0')

testImplementation 'org.elasticsearch:geolite2-databases:20191119'
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ffeb635597d093509f33e1e94274d14be610f933

This file was deleted.

2 changes: 1 addition & 1 deletion plugins/discovery-ec2/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ dependencies {
api "commons-logging:commons-logging:${versions.commonslogging}"
api "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
api "commons-codec:commons-codec:${versions.commonscodec}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
}

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ffeb635597d093509f33e1e94274d14be610f933

This file was deleted.

2 changes: 1 addition & 1 deletion plugins/repository-azure/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ dependencies {
api 'io.projectreactor.netty:reactor-netty-http:1.0.16'
api "org.slf4j:slf4j-api:${versions.slf4j}"
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
api "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:${versions.jackson}"
api "com.fasterxml.jackson.dataformat:jackson-dataformat-xml:${versions.jackson}"
api "com.fasterxml.jackson.module:jackson-module-jaxb-annotations:${versions.jackson}"
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ffeb635597d093509f33e1e94274d14be610f933

This file was deleted.

2 changes: 1 addition & 1 deletion plugins/repository-hdfs/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ dependencies {
api 'org.apache.htrace:htrace-core4:4.1.0-incubating'
api "org.apache.logging.log4j:log4j-core:${versions.log4j}"
api 'org.apache.avro:avro:1.10.2'
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
api 'com.google.code.gson:gson:2.9.0'
runtimeOnly 'com.google.guava:guava:30.1.1-jre'
api 'com.google.protobuf:protobuf-java:3.19.3'
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ffeb635597d093509f33e1e94274d14be610f933

This file was deleted.

2 changes: 1 addition & 1 deletion plugins/repository-s3/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ dependencies {
api "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
api "commons-codec:commons-codec:${versions.commonscodec}"
api "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
api "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:${versions.jackson}"
api "joda-time:joda-time:${versions.joda}"
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
ffeb635597d093509f33e1e94274d14be610f933

This file was deleted.

2 changes: 1 addition & 1 deletion qa/os/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ dependencies {

testImplementation "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
testImplementation "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
testImplementation "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
testImplementation "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
}

tasks.named('forbiddenApisTest').configure {
Expand Down
2 changes: 1 addition & 1 deletion qa/wildfly/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ dependencies {
}
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
api "com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:${versions.jackson}"
api "com.fasterxml.jackson.jaxrs:jackson-jaxrs-base:${versions.jackson}"
api "com.fasterxml.jackson.module:jackson-module-jaxb-annotations:${versions.jackson}"
Expand Down
2 changes: 1 addition & 1 deletion test/fixtures/hdfs-fixture/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,6 @@ dependencies {
api 'com.google.code.gson:gson:2.9.0'
api "org.bouncycastle:bcpkix-jdk15on:${versions.bouncycastle}"
api "com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson_databind}"
api 'net.minidev:json-smart:2.4.8'
}

0 comments on commit dc46a09

Please sign in to comment.