-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libjackson-json-java Version : 1.9.2-3+deb8u1 CVE ID : CVE-2017-7525 CVE-2017-15095 CVE-2019-10172
Several vulnerabilities were fixed in libjackson-json-java. CVE-2017-7525 Jackson Deserializer security vulnerability. CVE-2017-15095 Block more JDK types from polymorphic deserialization. CVE-2019-10172 XML external entity vulnerabilities. For Debian 8 "Jessie", these problems have been fixed in version 1.9.2-3+deb8u1. We recommend that you upgrade your libjackson-json-java packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl40oX4ACgkQiNJCh6LY mLHYsxAAv7d1ES/LUFwRKdAqH63N+5HR4t/d2piQXPXIwH2xEwoKWsQlBHo4+flN Yw4yywGmBYhIXp7eZy5MMacEKkeYmrD/smEkWcmThqsCiwP62gdajd9YkitBjcfV k9Is29paIzVgTABvdIHVBSUlH56l8ZADK7wYoyTfjlO7sDBJQtRDwyfgOgQyLmIk UIDETFShed4LyqaPGD6MyKlCMuL/bwgU9h/gOQBWJp4STBcRXCDPISgogOE3Sifr wT2FALPBZB6Ufc65e+HAyEmnhzEXC7RRNXqv17MrbEYjhihS6BlOcglqjz0sfnLx sUjsz0M/jLqe835v6FBbSIzJcDwVELc9Ak1+FJckz2lib6GKLgD/zMkZhQRkbM9m Cpwh9iLfD7N7qsCClRYPZIh/+fUq7iK5RCNhQ+3WM7VLXTb7uhgKpwGE16+NSMPC koNL/hBEFALsLNSSJfheCIrxM8WGfqQ489+rt+v1iTyAN4GrGFaU/ZdXKq7udkSb XKUTmMpbBvOuWEgP4KlbwcrxuQsaaLbxEQad0Ywh536SX+h4vX5uCxs8PJWSWCMm uOa8uQJjcqodrZsmYXOZo0wcrAfEvRUFXoVKyGBgdQEbEZXAOUU+Yn5LJ1+UUGu5 UCme4a8dmvF8kRdbf1FqhIEqXwAwCtLt0ejI2j66M8kiHmsJyU4= =tquL -----END PGP SIGNATURE-----