diff options
author | Frederiko Costa <frederiko@gmail.com> | 2022-01-22 14:51:09 +0800 |
---|---|---|
committer | maoling <maoling@apache.org> | 2022-01-22 14:51:09 +0800 |
commit | f1084cde2f977dd7dace7f77662b19ab494405b3 (patch) | |
tree | f4208024d67630030e1823a967893e2c12f592ef | |
parent | e0d9ec44a9cd76158e575d4318543825f08112ba (diff) | |
download | zookeeper-f1084cde2f977dd7dace7f77662b19ab494405b3.tar.gz |
ZOOKEEPER-4429: Update jackson-databind to 2.13.1
This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated `PropertyNamingStrategy` class initialization issue #2715.
Author: Frederiko Costa <frederiko@gmail.com>
Reviewers: Enrico Olivelli <eolivelli@apache.org>, Shoothzj <shoothzj@gmail.com>, maoling <maoling@apache.org>
Closes #1786 from frederiko/ZOOKEEPER-4429_update_jackson_databind
-rw-r--r-- | build.xml | 2 | ||||
-rwxr-xr-x | pom.xml | 2 | ||||
-rw-r--r-- | zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java | 4 |
3 files changed, 4 insertions, 4 deletions
@@ -55,7 +55,7 @@ xmlns:cs="antlib:com.puppycrawl.tools.checkstyle.ant"> <property name="javacc.version" value="5.0"/> <property name="jetty.version" value="9.4.43.v20210629"/> - <property name="jackson.version" value="2.10.3"/> + <property name="jackson.version" value="2.13.1"/> <property name="dependency-check-ant.version" value="5.2.4"/> <property name="commons-io.version" value="2.6"/> @@ -299,7 +299,7 @@ <commons-cli.version>1.2</commons-cli.version> <jetty.version>9.4.43.v20210629</jetty.version> <netty.version>4.1.70.Final</netty.version> - <jackson.version>2.10.5.1</jackson.version> + <jackson.version>2.13.1</jackson.version> <json.version>1.1.1</json.version> <jline.version>2.14.6</jline.version> <snappy.version>1.1.7</snappy.version> diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java index 566444fdb..62e83c906 100644 --- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java +++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java @@ -21,7 +21,7 @@ package org.apache.zookeeper.server.admin; import com.fasterxml.jackson.core.JsonGenerationException; import com.fasterxml.jackson.databind.JsonMappingException; import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.PropertyNamingStrategy; +import com.fasterxml.jackson.databind.PropertyNamingStrategies; import com.fasterxml.jackson.databind.SerializationFeature; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -40,7 +40,7 @@ public class JsonOutputter implements CommandOutputter { mapper = new ObjectMapper(); mapper.configure(SerializationFeature.WRITE_ENUMS_USING_TO_STRING, true); mapper.configure(SerializationFeature.INDENT_OUTPUT, true); - mapper.setPropertyNamingStrategy(PropertyNamingStrategy.SNAKE_CASE); + mapper.setPropertyNamingStrategy(PropertyNamingStrategies.SNAKE_CASE); } @Override |