[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7489/jackson-databind
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 27 06:15:44 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
06213cd6 by Salvatore Bonaccorso at 2018-02-27T07:14:57+01:00
Add CVE-2018-7489/jackson-databind
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7,7 +7,9 @@ CVE-2018-7491 (In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking ...)
CVE-2018-7490
RESERVED
CVE-2018-7489 (FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 ...)
- TODO: check
+ - jackson-databind <unfixed>
+ NOTE: https://github.com/FasterXML/jackson-databind/issues/1931
+ NOTE: https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2
CVE-2018-7488
RESERVED
CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/06213cd613013c68714c76ad690733ddfee90b85
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/06213cd613013c68714c76ad690733ddfee90b85
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180227/56cafc87/attachment.html>
More information about the Secure-testing-commits
mailing list