Skip to content

Commit c330f6c

Browse files
author
Liudmila Molkova
authored
Update jackson to 2.13.2, databind to 2.13.2.1 - CVE-2020-36518 (Azure#27847)
* Update jackson version to 2.13.2 * databind 2.13.2.1
1 parent 346c54c commit c330f6c

File tree

31 files changed

+160
-159
lines changed

31 files changed

+160
-159
lines changed

common/perf-test-core/pom.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@
4646
<rules>
4747
<bannedDependencies>
4848
<includes combine.children="append">
49-
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
49+
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.2.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
5050

5151
<!-- Special allowance for performance libraries as they aren't shipped. -->
5252
<include>com.beust:jcommander:[1.78]</include> <!-- {x-include-update;com.beust:jcommander;external_dependency} -->
@@ -64,7 +64,7 @@
6464
<dependency>
6565
<groupId>com.fasterxml.jackson.core</groupId>
6666
<artifactId>jackson-databind</artifactId>
67-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
67+
<version>2.13.2.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
6868
</dependency>
6969
<dependency>
7070
<groupId>com.beust</groupId>

eng/bomgenerator/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@
3737
<dependency>
3838
<groupId>com.fasterxml.jackson.dataformat</groupId>
3939
<artifactId>jackson-dataformat-xml</artifactId>
40-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.dataformat:jackson-dataformat-xml;external_dependency} -->
40+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.dataformat:jackson-dataformat-xml;external_dependency} -->
4141
</dependency>
4242
</dependencies>
4343
<build>

eng/versioning/external_dependencies.txt

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -7,15 +7,15 @@
77

88
# Format;
99
# groupId:artifactId;dependency-version
10-
com.fasterxml.jackson.core:jackson-annotations;2.13.1
11-
com.fasterxml.jackson.core:jackson-core;2.13.1
12-
com.fasterxml.jackson.core:jackson-databind;2.13.1
13-
com.fasterxml.jackson.dataformat:jackson-dataformat-avro;2.13.1
14-
com.fasterxml.jackson.dataformat:jackson-dataformat-xml;2.13.1
15-
com.fasterxml.jackson.datatype:jackson-datatype-jdk8;2.13.1
16-
com.fasterxml.jackson.datatype:jackson-datatype-jsr310;2.13.1
17-
com.fasterxml.jackson.module:jackson-module-parameter-names;2.13.1
18-
com.fasterxml.jackson.module:jackson-module-scala_2.12;2.13.1
10+
com.fasterxml.jackson.core:jackson-annotations;2.13.2
11+
com.fasterxml.jackson.core:jackson-core;2.13.2
12+
com.fasterxml.jackson.core:jackson-databind;2.13.2.1
13+
com.fasterxml.jackson.dataformat:jackson-dataformat-avro;2.13.2
14+
com.fasterxml.jackson.dataformat:jackson-dataformat-xml;2.13.2
15+
com.fasterxml.jackson.datatype:jackson-datatype-jdk8;2.13.2
16+
com.fasterxml.jackson.datatype:jackson-datatype-jsr310;2.13.2
17+
com.fasterxml.jackson.module:jackson-module-parameter-names;2.13.2
18+
com.fasterxml.jackson.module:jackson-module-scala_2.12;2.13.2
1919
com.github.spotbugs:spotbugs;4.2.2
2020
com.github.spotbugs:spotbugs-annotations;4.2.2
2121
com.github.spotbugs:spotbugs-maven-plugin;4.2.2
@@ -303,7 +303,7 @@ org.ow2.asm:asm;9.1
303303
test_jar_com.microsoft.azure:azure-mgmt-resources;1.3.1-SNAPSHOT
304304

305305
# everything under sdk\cosmos
306-
cosmos_com.fasterxml.jackson.module:jackson-module-afterburner;2.12.5
306+
cosmos_com.fasterxml.jackson.module:jackson-module-afterburner;2.13.2
307307
cosmos_com.google.guava:guava;25.0-jre
308308
cosmos_com.microsoft.data.encryption:cryptography;0.2.2.jre8-preview
309309
cosmos_com.microsoft.data.encryption:azure-key-vault-keystoreprovider;0.2.2.jre8-preview

sdk/appconfiguration/azure-spring-cloud-appconfiguration-config/pom.xml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -52,12 +52,12 @@
5252
<dependency>
5353
<groupId>com.fasterxml.jackson.core</groupId>
5454
<artifactId>jackson-annotations</artifactId>
55-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
55+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
5656
</dependency>
5757
<dependency>
5858
<groupId>com.fasterxml.jackson.core</groupId>
5959
<artifactId>jackson-databind</artifactId>
60-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
60+
<version>2.13.2.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
6161
</dependency>
6262
<!--Azure Java SDK -->
6363
<dependency>
@@ -132,8 +132,8 @@
132132
<rules>
133133
<bannedDependencies>
134134
<includes>
135-
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
136-
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
135+
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.2]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
136+
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.2.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
137137
<include>javax.annotation:javax.annotation-api:[1.3.2]</include> <!-- {x-include-update;javax.annotation:javax.annotation-api;external_dependency} -->
138138
<include>org.apache.commons:commons-lang3:[3.12.0]</include> <!-- {x-include-update;org.apache.commons:commons-lang3;external_dependency} -->
139139
<include>org.apache.httpcomponents:httpclient:[4.5.13]</include> <!-- {x-include-update;org.apache.httpcomponents:httpclient;external_dependency} -->

sdk/appconfiguration/azure-spring-cloud-feature-management/pom.xml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,12 +33,12 @@
3333
<dependency>
3434
<groupId>com.fasterxml.jackson.core</groupId>
3535
<artifactId>jackson-annotations</artifactId>
36-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
36+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
3737
</dependency>
3838
<dependency>
3939
<groupId>com.fasterxml.jackson.core</groupId>
4040
<artifactId>jackson-databind</artifactId>
41-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
41+
<version>2.13.2.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
4242
</dependency>
4343
<dependency>
4444
<groupId>io.projectreactor.netty</groupId>
@@ -62,8 +62,8 @@
6262
<rules>
6363
<bannedDependencies>
6464
<includes>
65-
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
66-
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
65+
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.2]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
66+
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.2.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
6767
<include>io.projectreactor.netty:reactor-netty:[1.0.15]</include> <!-- {x-include-update;io.projectreactor.netty:reactor-netty;external_dependency} -->
6868
<include>org.springframework.boot:spring-boot-starter:[2.6.3]</include> <!-- {x-include-update;org.springframework.boot:spring-boot-starter;external_dependency} -->
6969
<include>org.springframework:spring-context:[5.3.15]</include> <!-- {x-include-update;org.springframework:spring-context;external_dependency} -->

sdk/appconfiguration/spring-cloud-azure-appconfiguration-config/pom.xml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -51,12 +51,12 @@
5151
<dependency>
5252
<groupId>com.fasterxml.jackson.core</groupId>
5353
<artifactId>jackson-annotations</artifactId>
54-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
54+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
5555
</dependency>
5656
<dependency>
5757
<groupId>com.fasterxml.jackson.core</groupId>
5858
<artifactId>jackson-databind</artifactId>
59-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
59+
<version>2.13.2.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
6060
</dependency>
6161
<dependency>
6262
<groupId>org.springframework</groupId>
@@ -153,8 +153,8 @@
153153
<rules>
154154
<bannedDependencies>
155155
<includes>
156-
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
157-
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
156+
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.2]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
157+
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.2.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
158158
<include>javax.annotation:javax.annotation-api:[1.3.2]</include> <!-- {x-include-update;javax.annotation:javax.annotation-api;external_dependency} -->
159159
<include>org.apache.commons:commons-lang3:[3.12.0]</include> <!-- {x-include-update;org.apache.commons:commons-lang3;external_dependency} -->
160160
<include>org.apache.httpcomponents:httpclient:[4.5.13]</include> <!-- {x-include-update;org.apache.httpcomponents:httpclient;external_dependency} -->

sdk/appconfiguration/spring-cloud-azure-feature-management/pom.xml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -34,12 +34,12 @@
3434
<dependency>
3535
<groupId>com.fasterxml.jackson.core</groupId>
3636
<artifactId>jackson-annotations</artifactId>
37-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
37+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
3838
</dependency>
3939
<dependency>
4040
<groupId>com.fasterxml.jackson.core</groupId>
4141
<artifactId>jackson-databind</artifactId>
42-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
42+
<version>2.13.2.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
4343
</dependency>
4444
<dependency>
4545
<groupId>io.projectreactor.netty</groupId>
@@ -75,8 +75,8 @@
7575
<rules>
7676
<bannedDependencies>
7777
<includes>
78-
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
79-
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
78+
<include>com.fasterxml.jackson.core:jackson-annotations:[2.13.2]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
79+
<include>com.fasterxml.jackson.core:jackson-databind:[2.13.2.1]</include> <!-- {x-include-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
8080
<include>io.projectreactor.netty:reactor-netty:[1.0.15]</include> <!-- {x-include-update;io.projectreactor.netty:reactor-netty;external_dependency} -->
8181
<include>org.springframework.boot:spring-boot-starter:[2.6.3]</include> <!-- {x-include-update;org.springframework.boot:spring-boot-starter;external_dependency} -->
8282
<include>org.springframework:spring-context:[5.3.15]</include> <!-- {x-include-update;org.springframework:spring-context;external_dependency} -->

sdk/batch/microsoft-azure-batch/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -71,7 +71,7 @@
7171
<dependency>
7272
<groupId>com.fasterxml.jackson.core</groupId>
7373
<artifactId>jackson-core</artifactId>
74-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-core;external_dependency} -->
74+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-core;external_dependency} -->
7575
<scope>test</scope>
7676
</dependency>
7777

sdk/core/azure-core-jackson-tests/pom.xml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -71,31 +71,31 @@
7171
<dependency>
7272
<groupId>com.fasterxml.jackson.core</groupId>
7373
<artifactId>jackson-annotations</artifactId>
74-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
74+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-annotations;external_dependency} -->
7575
<scope>test</scope>
7676
</dependency>
7777
<dependency>
7878
<groupId>com.fasterxml.jackson.core</groupId>
7979
<artifactId>jackson-core</artifactId>
80-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-core;external_dependency} -->
80+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-core;external_dependency} -->
8181
<scope>test</scope>
8282
</dependency>
8383
<dependency>
8484
<groupId>com.fasterxml.jackson.core</groupId>
8585
<artifactId>jackson-databind</artifactId>
86-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
86+
<version>2.13.2.1</version> <!-- {x-version-update;com.fasterxml.jackson.core:jackson-databind;external_dependency} -->
8787
<scope>test</scope>
8888
</dependency>
8989
<dependency>
9090
<groupId>com.fasterxml.jackson.datatype</groupId>
9191
<artifactId>jackson-datatype-jsr310</artifactId>
92-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.datatype:jackson-datatype-jsr310;external_dependency} -->
92+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.datatype:jackson-datatype-jsr310;external_dependency} -->
9393
<scope>test</scope>
9494
</dependency>
9595
<dependency>
9696
<groupId>com.fasterxml.jackson.dataformat</groupId>
9797
<artifactId>jackson-dataformat-xml</artifactId>
98-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.dataformat:jackson-dataformat-xml;external_dependency} -->
98+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.dataformat:jackson-dataformat-xml;external_dependency} -->
9999
<scope>test</scope>
100100
</dependency>
101101

sdk/core/azure-core-serializer-avro-jackson/pom.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@
7474
<dependency>
7575
<groupId>com.fasterxml.jackson.dataformat</groupId>
7676
<artifactId>jackson-dataformat-avro</artifactId>
77-
<version>2.13.1</version> <!-- {x-version-update;com.fasterxml.jackson.dataformat:jackson-dataformat-avro;external_dependency} -->
77+
<version>2.13.2</version> <!-- {x-version-update;com.fasterxml.jackson.dataformat:jackson-dataformat-avro;external_dependency} -->
7878
</dependency>
7979

8080
<dependency>
@@ -113,7 +113,7 @@
113113
<rules>
114114
<bannedDependencies>
115115
<includes>
116-
<include>com.fasterxml.jackson.dataformat:jackson-dataformat-avro:[2.13.1]</include> <!-- {x-include-update;com.fasterxml.jackson.dataformat:jackson-dataformat-avro;external_dependency} -->
116+
<include>com.fasterxml.jackson.dataformat:jackson-dataformat-avro:[2.13.2]</include> <!-- {x-include-update;com.fasterxml.jackson.dataformat:jackson-dataformat-avro;external_dependency} -->
117117
</includes>
118118
</bannedDependencies>
119119
</rules>

0 commit comments

Comments
 (0)