[Git][security-tracker-team/security-tracker][master] Reserve DSA-5283-1 for jackson-databind
Markus Koschany (@apo)
apo at debian.org
Thu Nov 17 11:12:57 GMT 2022
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
557d34f3 by Markus Koschany at 2022-11-17T12:12:34+01:00
Reserve DSA-5283-1 for jackson-databind
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -53880,7 +53880,6 @@ CVE-2021-46708 (The swagger-ui-dist package before 4.1.3 for Node.js could allow
CVE-2020-36518 (jackson-databind before 2.13.0 allows a Java StackOverflow exception a ...)
{DLA-2990-1}
- jackson-databind 2.13.2.2-1 (bug #1007109)
- [bullseye] - jackson-databind <no-dsa> (Minor issue)
[buster] - jackson-databind <no-dsa> (Minor issue)
NOTE: https://github.com/FasterXML/jackson-databind/issues/2816
CVE-2018-25031 (Swagger UI before 4.1.3 could allow a remote attacker to conduct spoof ...)
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[17 Nov 2022] DSA-5283-1 jackson-databind - security update
+ {CVE-2020-36518 CVE-2022-42003 CVE-2022-42004}
+ [bullseye] - jackson-databind 2.12.1-1+deb11u1
[17 Nov 2022] DSA-5279-2 wordpress - security update
[bullseye] - wordpress 5.7.8+dfsg1-0+deb11u2
[16 Nov 2022] DSA-5282-1 firefox-esr - security update
=====================================
data/dsa-needed.txt
=====================================
@@ -22,8 +22,6 @@ gerbv
--
heimdal (carnil)
--
-jackson-databind (apo)
---
krb5
--
linux (carnil)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/557d34f33720d48cc6e183a9bd11d8a4994210d0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/557d34f33720d48cc6e183a9bd11d8a4994210d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221117/4c19dbe7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list