[Git][security-tracker-team/security-tracker][master] CVE-2022-42003,CVE-2022-42004,jackson-databind: fixed in unstable

[Markus Koschany (@apo)]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2d69089 by Markus Koschany at 2022-11-12T15:51:39+01:00
CVE-2022-42003,CVE-2022-42004,jackson-databind: fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11015,12 +11015,12 @@ CVE-2022-42006
 CVE-2022-42005
 	RESERVED
 CVE-2022-42004 (In FasterXML jackson-databind before 2.13.4, resource exhaustion can o ...)
-	- jackson-databind <unfixed>
+	- jackson-databind 2.14.0-1
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/3582
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88 (jackson-databind-2.13.4)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490
 CVE-2022-42003 (In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion c ...)
-	- jackson-databind <unfixed>
+	- jackson-databind 2.14.0-1
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/3590
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33 (jackson-databind-2.14.0-rc1)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51020



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2d690890abe55bc8d57857450d8770fc9ea4820

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2d690890abe55bc8d57857450d8770fc9ea4820
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221112/e0c69d3d/attachment-0001.htm>