[Git][security-tracker-team/security-tracker][master] CVE-2020-10672,jackson-databind is also fixed in unstable.
Markus Koschany
apo at debian.org
Thu Jul 9 18:16:35 BST 2020
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4c6ed981 by Markus Koschany at 2020-07-09T19:16:06+02:00
CVE-2020-10672,jackson-databind is also fixed in unstable.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13904,7 +13904,7 @@ CVE-2020-10673 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the in
NOTE: but still an issue when Default Typing is enabled.
CVE-2020-10672 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
{DLA-2153-1}
- - jackson-databind <unfixed>
+ - jackson-databind 2.11.1-1
[buster] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
[stretch] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
NOTE: https://github.com/FasterXML/jackson-databind/issues/2659
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c6ed98140a84926024edfd861c42e42e67bbea1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c6ed98140a84926024edfd861c42e42e67bbea1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200709/42597ffb/attachment.html>
More information about the debian-security-tracker-commits
mailing list