[Secure-testing-commits] r56628 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 12 05:15:31 UTC 2017
Author: carnil
Date: 2017-10-12 05:15:30 +0000 (Thu, 12 Oct 2017)
New Revision: 56628
Modified:
data/CVE/list
Log:
Add fixing version for CVE-2017-7525, fixed with new upstream release
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-12 04:56:43 UTC (rev 56627)
+++ data/CVE/list 2017-10-12 05:15:30 UTC (rev 56628)
@@ -22406,7 +22406,7 @@
NOTE: GnuPG1: https://dev.gnupg.org/D438
CVE-2017-7525 [Deserialization vulnerability via readValue method of ObjectMapper]
RESERVED
- - jackson-databind <unfixed> (bug #870848)
+ - jackson-databind 2.9.1-1 (bug #870848)
NOTE: https://github.com/FasterXML/jackson-databind/issues/1599
CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)
- tpm2-tools 2.1.0-1 (bug #866257)
More information about the Secure-testing-commits
mailing list