Bug#823703: CVE-2016-3720

Moritz Muehlenhoff jmm at debian.org
Sat May 7 21:24:05 UTC 2016

Previous message: Processing of openjfx_8u91-b14-1_amd64.changes
Next message: Bug#823703: marked as done (CVE-2016-3720)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Source: jackson-dataformat-xml
Severity: grave
Tags: security

jackson-dataformat-xml is susceptible to XXE attacks, this was
assigned CVE-2016-3720. Fix is here:
https://github.com/FasterXML/jackson-dataformat-xml/commit/f0f19a4c924d9db9a1e2830434061c8640092cc0

Cheers,
        Moritz

Previous message: Processing of openjfx_8u91-b14-1_amd64.changes
Next message: Bug#823703: marked as done (CVE-2016-3720)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the pkg-java-maintainers mailing list