<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc06707f7a256a6707b5ec0f8a4db50493e4481">acc06707</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2020-03-02T09:24:50+01:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Add three jackson-databind issues

Note those will be fixed at some point as well in the 2.10 series, but

with the default beeing safer upstream does not fix those right away in

the master branch and rather only in the older supported branches.

Likely we can mark those as no-dsa for stretch and buster as there is a

constant stream of such issues finding more gadgets to be blocked.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc06707f7a256a6707b5ec0f8a4db50493e4481#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc06707f7a256a6707b5ec0f8a4db50493e4481">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc06707f7a256a6707b5ec0f8a4db50493e4481"}}</script>

</p>

</div>

</body>

</html>