[Secure-testing-commits] r54323 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Aug 5 19:24:18 UTC 2017
Author: carnil
Date: 2017-08-05 19:24:18 +0000 (Sat, 05 Aug 2017)
New Revision: 54323
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2017-7525/jackson-databind
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-05 19:24:07 UTC (rev 54322)
+++ data/CVE/list 2017-08-05 19:24:18 UTC (rev 54323)
@@ -13708,7 +13708,7 @@
NOTE: general cases, (A) plus (B) is needed.
CVE-2017-7525 [Deserialization vulnerability via readValue method of ObjectMapper]
RESERVED
- - jackson-databind <unfixed>
+ - jackson-databind <unfixed> (bug #870848)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1599
CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)
- tpm2-tools <unfixed> (bug #866257)
More information about the Secure-testing-commits
mailing list