KAFKA-13775: CVE-2020-36518 - Upgrade jackson-databind to 2.12.6.1 (#11962)

CVE-2020-36518 vulnerability affects jackson-databind (see GHSA-57j2-w4cx-62h2).

Upgrading to jackson-databind version 2.12.6.1 addresses this CVE.

Reviewers: Luke Chen <showuon@gmail.com>, Bruno Cadonna <cadonna@apache.org>

LICENSE-binary

@@ -210,7 +210,7 @@ commons-cli-1.4
 commons-lang3-3.8.1
 jackson-annotations-2.12.3
 jackson-core-2.12.3
-jackson-databind-2.12.3
+jackson-databind-2.12.6.1
 jackson-dataformat-csv-2.12.3
 jackson-datatype-jdk8-2.12.3
 jackson-jaxrs-base-2.12.3

gradle/dependencies.gradle

@@ -67,6 +67,7 @@ versions += [
   httpclient: "4.5.13",
   easymock: "4.3",
   jackson: "2.12.6",
+  jacksonDatabind: "2.12.6.1",
   jacoco: "0.8.7",
   javassist: "3.27.0-GA",
   jetty: "9.4.44.v20210927",
@@ -135,7 +136,7 @@ libs += [
   commonsCli: "commons-cli:commons-cli:$versions.commonsCli",
   easymock: "org.easymock:easymock:$versions.easymock",
   jacksonAnnotations: "com.fasterxml.jackson.core:jackson-annotations:$versions.jackson",
-  jacksonDatabind: "com.fasterxml.jackson.core:jackson-databind:$versions.jackson",
+  jacksonDatabind: "com.fasterxml.jackson.core:jackson-databind:$versions.jacksonDatabind",
   jacksonDataformatCsv: "com.fasterxml.jackson.dataformat:jackson-dataformat-csv:$versions.jackson",
   jacksonModuleScala: "com.fasterxml.jackson.module:jackson-module-scala_$versions.baseScala:$versions.jackson",
   jacksonJDK8Datatypes: "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:$versions.jackson",