[Git][security-tracker-team/security-tracker][master] CVE-2019-17531/jackson-databind fixed in unstable
Salvatore Bonaccorso
carnil at debian.org
Sun Dec 15 20:00:30 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2133bda4 by Salvatore Bonaccorso at 2019-12-15T19:59:50Z
CVE-2019-17531/jackson-databind fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12706,7 +12706,7 @@ CVE-2019-17532 (An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.
NOT-FOR-US: Belkin
CVE-2019-17531 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
{DLA-2030-1}
- - jackson-databind <unfixed>
+ - jackson-databind 2.10.1-1
NOTE: https://github.com/FasterXML/jackson-databind/issues/2498
NOTE: https://github.com/FasterXML/jackson-databind/commit/b5a304a98590b6bb766134f9261e6566dcbbb6d0
NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2133bda4eb9c63b4913f26d2bc7c8e6204150911
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2133bda4eb9c63b4913f26d2bc7c8e6204150911
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191215/a029d7c3/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list