Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 538d13fb by Markus Koschany at 2022-04-30T14:18:50+02:00 jackson-databind,CVE-2020-36518 fixed in unstable - - - - - 1ffebba6 by Markus Koschany at 2022-04-30T14:19:22+02:00 Claim jackson-databind in dla-needed.txt - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -8707,7 +8707,7 @@ CVE-2021-46708 (The swagger-ui-dist package before 4.1.3 for Node.js could allow - node-swagger-ui <itp> (bug #871461) - swagger-ui <itp> (bug #895422) CVE-2020-36518 (jackson-databind before 2.13.0 allows a Java StackOverflow exception a ...) - - jackson-databind <unfixed> (bug #1007109) + - jackson-databind 2.13.2.2-1 (bug #1007109) [bullseye] - jackson-databind <no-dsa> (Minor issue) [buster] - jackson-databind <no-dsa> (Minor issue) NOTE: https://github.com/FasterXML/jackson-databind/issues/2816 ===================================== data/dla-needed.txt ===================================== @@ -68,7 +68,7 @@ icingaweb2 (Abhijith PA) intel-microcode NOTE: 20220213: please recheck -- -jackson-databind +jackson-databind (Markus Koschany) NOTE: 20220320: wait for complete upstream fix (apo) -- kicad View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c1a65777a9735156addc041287b0345105eaf11f...1ffebba629156935d6289cfd4ae4891e4d14532f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c1a65777a9735156addc041287b0345105eaf11f...1ffebba629156935d6289cfd4ae4891e4d14532f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits