Hi Team,
Please reply to my below query.
We are using FasterXML jackson-databind version 2.13.3 but facing
vulnerabilities like CVE-2022-42003
So we have used FasterXML jackson-databind version 2.14.0-rc1but
vulnerabilities hasn't fixed.
Latest release 2.14.0-rc2 will have fix for these vulnerabilities?
Team, could you please let us know when/which version of future releases these
vulnerabilities will have fixed.
Kindly confirm.
-----Original Message-----
From: dev-h...@httpd.apache.org <dev-h...@httpd.apache.org>
Sent: Thursday, October 27, 2022 1:02 PM
To: Payyavula, Manjula Vani <manjula.v.payyav...@accenture.com>
Subject: [External] Already subscribed to dev@httpd.apache.org
This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links
and attachments.
Hi! This is the ezmlm program. I'm managing the dev@httpd.apache.org mailing
list.
Acknowledgment: The address
manjula.v.payyav...@accenture.com
was already on the dev mailing list when I received your request, and remains a
subscriber.
--- Administrative commands for the dev list ---
I can handle administrative requests automatically. Please do not send them to
the list address! Instead, send your message to the correct command address:
To subscribe to the list, send a message to:
<dev-subscr...@httpd.apache.org>
To remove your address from the list, send a message to:
<dev-unsubscr...@httpd.apache.org>
Send mail to the following for info and FAQ for this list:
<dev-i...@httpd.apache.org>
<dev-...@httpd.apache.org>
Similar addresses exist for the digest list:
<dev-digest-subscr...@httpd.apache.org>
<dev-digest-unsubscr...@httpd.apache.org>
To get messages 123 through 145 (a maximum of 100 per request), mail:
<dev-get.123_...@httpd.apache.org>
To get an index with subject and author for messages 123-456 , mail:
<dev-index.123_...@httpd.apache.org>
They are always returned as sets of 100, max 2000 per request, so you'll
actually get 100-499.
To receive all messages with the same subject as message 12345, send a short
message to:
<dev-thread.12...@httpd.apache.org>
The messages should contain one line or word of text to avoid being treated as
sp@m, but I will ignore their content.
Only the ADDRESS you send to is important.
You can start a subscription for an alternate address, for example
"john@host.domain", just add a hyphen and your address (with '=' instead of
'@') after the command word:
<dev-subscribe-john=host.dom...@httpd.apache.org>
To stop subscription for this address, mail:
<dev-unsubscribe-john=host.dom...@httpd.apache.org>
In both cases, I'll send a confirmation message to that address. When you
receive it, simply reply to it to complete your subscription.
If despite following these instructions, you do not get the desired results,
please contact my owner at dev-ow...@httpd.apache.org. Please be patient, my
owner is a lot slower than I am ;-)
--- Enclosed is a copy of the request I received.
Return-Path: <manjula.v.payyav...@accenture.com>
Received: (qmail 2616923 invoked by uid 116); 27 Oct 2022 07:32:29 -0000
Received: from spamproc1-he-de.apache.org (HELO spamproc1-he-de.apache.org)
(116.203.196.100) by apache.org (qpsmtpd/0.94) with ESMTP; Thu, 27 Oct 2022
07:32:29 +0000
Authentication-Results: apache.org; auth=none
Received: from localhost (localhost [127.0.0.1])
by spamproc1-he-de.apache.org (ASF Mail Server at
spamproc1-he-de.apache.org) with ESMTP id EBDD71FF65B
for
<dev-sc.1666855488.dafpdikjjokohbmaoioe-manjula.v.payyavula=accenture....@httpd.apache.org>;
Thu, 27 Oct 2022 07:32:28 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamproc1-he-de.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.202
X-Spam-Level:
X-Spam-Status: No, score=-0.202 tagged_above=-999 required=6.31
tests=[DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001,
SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled
Authentication-Results: spamproc1-he-de.apache.org (amavisd-new);
dkim=pass (2048-bit key) header.d=accenture.com
Received: from mx1-ec2-va.apache.org ([116.203.227.195])
by localhost (spamproc1-he-de.apache.org [116.203.196.100])
(amavisd-new, port 10024)
with ESMTP id tHB0FseOkHUC
for
<dev-sc.1666855488.dafpdikjjokohbmaoioe-manjula.v.payyavula=accenture....@httpd.apache.org>;
Thu, 27 Oct 2022 07:32:27 +0000 (UTC)
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=40.107.236.100;
helo=nam11-bn8-obe.outbound.protection.outlook.com;
envelope-from=manjula.v.payyav...@accenture.com; receiver=<UNKNOWN>
Received: from NAM11-BN8-obe.outbound.protection.outlook.com
(mail-bn8nam11on2100.outbound.protection.outlook.com [40.107.236.100])
by mx1-ec2-va.apache.org (ASF Mail Server at mx1-ec2-va.apache.org)
with ESMTPS id 50DCBBBC94
for
<dev-sc.1666855488.dafpdikjjokohbmaoioe-manjula.v.payyavula=accenture....@httpd.apache.org>;
Thu, 27 Oct 2022 07:32:27 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=iF9oAtGlomqo664EPyaP1m7/MNFQ9dML1JbTBZz6HT+Q01DlfpGHdk/sOUPaHwJoQTCyTEUVzMqTVPRZ/gUtiWMv/9cxyIaHOx5uYfMfRI5ZNTgAkN4OQ7KJykwDv1YuQUmXpiTh9DS90L9xdlJOFtZQFsfWM5bvmY/Lfi3N6W9gDsE5a4A1zXKFxhTWBuqpaajantLm91JJVDh6fXsSMWi9abBbP3VeqNC1K7f1DQFRaidBeeo42N81njgso9nP4mM7S5hQbRSVx1XbWPtKX3DvRND4Mec12L1RVauxUmg2rGGNinvkTyaHLdg0+PXrbYcRUvtTKEDygKXWhwkCxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=UMQ4AllN0YIjQ2AgxCNnQBBlUrmn/byV2eqyFrpJdxI=;
b=TsIoIKH7RnkRB5EYCyHRfh4h8BOi3CbcPtHmtSasRIvTyLjfoI4uGJt6lZeSAkEtktnT1hm8us0ZHiA4Rtoz6Ps1O5TImmmzZDVtNbhXxm5pRRbrx4WlP6ZOeLAweeyjoP9offT5EZZz6PMRo2rkV0C6i1ipXE0xXqVPhOeys2sKWsEtYwbIpX66sENTkj0lZvqLh3MWFTdfjxvRme+LNclTJekCx/hejUHclHRb/typUKOKDxQVaO44+/cPrVCiwa3TYjHW1QktadbQCcs6GVS28AsVR5dbO4h9U8lNe+LI5fU8VzGTH803dlQ076Lnu2RmOHHFeXB6pogOoWs26w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=accenture.com; dmarc=pass action=none header.from=accenture.com;
dkim=pass header.d=accenture.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=accenture.com;
s=selector2;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=UMQ4AllN0YIjQ2AgxCNnQBBlUrmn/byV2eqyFrpJdxI=;
b=Jcta98MQYTpVJjBkJ5WrVw9hToztKYGUdsRyR1RWc7rKVodzIBLnTIZXwbC3ZfUA9WpEw8zemUlvjpSfPBuxm1RtIP/F7JZwE3/X167sCVE3jpYnlyg25f6gV6jYWFt+Mp3e6CA1+0g2vtl5lYFFLbeXFHYhYTL6QTlunK85zZkLADy+tE3Hj5yagFrod33nbhhpINVJALteVlY65Avk/AcPpoxDMJo92x5pXXIa2h66yYGlkEsKpYBv7uYlMqsfOBkWU/XwGYrlJvZiEuwQCg64C5F5SP1J2b7+afF2y8RJY9QH0r/f+HYHJWgl+esrYLexbqPX5XbVSyGym6O1Hw==
Received: from SJ0P114MB1342.NAMP114.PROD.OUTLOOK.COM (2603:10b6:a03:256::16)
by SJ0P114MB1360.NAMP114.PROD.OUTLOOK.COM (2603:10b6:a03:2a6::7) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.29; Thu, 27 Oct
2022 07:32:19 +0000
Received: from SJ0P114MB1342.NAMP114.PROD.OUTLOOK.COM
([fe80::a4b2:997:fda:996]) by SJ0P114MB1342.NAMP114.PROD.OUTLOOK.COM
([fe80::a4b2:997:fda:996%4]) with mapi id 15.20.5746.029; Thu, 27 Oct 2022
07:32:19 +0000
From: "Payyavula, Manjula Vani" <manjula.v.payyav...@accenture.com>
To:
"dev-sc.1666855488.dafpdikjjokohbmaoioe-manjula.v.payyavula=accenture....@httpd.apache.org"
<dev-sc.1666855488.dafpdikjjokohbmaoioe-manjula.v.payyavula=accenture....@httpd.apache.org>
Subject: RE: [External] confirm subscribe to dev@httpd.apache.org
Thread-Topic: [External] confirm subscribe to dev@httpd.apache.org
Thread-Index: AQHY6dU1vbSo9njYPkygVUbfLJur2a4h2IDA
Date: Thu, 27 Oct 2022 07:32:18 +0000
Message-ID:
<sj0p114mb134263da20632013d4c3bdcfb1...@sj0p114mb1342.namp114.prod.outlook.com>
References: <1666855488.2598298.ez...@httpd.apache.org>
In-Reply-To: <1666855488.2598298.ez...@httpd.apache.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=accenture.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SJ0P114MB1342:EE_|SJ0P114MB1360:EE_
x-ms-office365-filtering-correlation-id: 37f350ac-a837-4f13-b2ad-08dab7ed6113
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
cGobb18Qy8NZd5EsAVljg0PCfmQcIHOVekU6S/mHYwMVk8M+xdvF/W/U3cHDuYliY8Gdq11dWY3SgMkZ9iQkHt6d7N2G2QddJbgEyHumx0abLohuI/h4+y6xtR8Miw4CSUFIFL4I/H/dLGzFSuZd3xeGc0FrS74TLeVW28s9KkW/tEFal+B0+3eVjd8kg0+lAPAo+Q5ERbHNNJp3IlnQZbLtA0zxnfcxYA2NEH2aRXU4SPW4pMQgLAYgoziRg5U5fF4reYXbNQK8KEkR63F/Wp4c0h8+6YmTgZK65l7ptMtMcWRQSchFk8rPIAFQlK133i/L3Dj0TtMtEC+F8/KgR5xHhqiBcZiWXH+HtAx02PDAru/yTsEK6QW+xNco2VBQjqrWgrGOPHdOdVLlUYyLbKIH/+ILMpxnduPvLgdqsaCe4k/RTUWvNWOSJgAPy5qrkj8vjeW33rKOrrbKQetsZ6Dnentv3CBqlnVaEB6T78UrxqvgC6sJaPNgvKTwznxcBuO5J32XwWewRtFSdzFV5S2+jPPYVlATweGXguss6hUYbXYAWRATs7RfdbV9p5M/O93/+ysmhMU9yrWosr+OX4kNcxEOMuoHWKxomftu4gU1tODbRwREjF8t6lhc6kY9xCfUxQHqCYz1Qo8Rh9GF0/dNiWzzfdKVx2tFPqFy1tYXD4L9s/LhrO0IBI7nfvU52apI8swMx0bWhLd6HzVbxWL8l5JfIk3qMQEEzCm3ZQhyVr+r21twhb9Q8RN2RdCAl6Tw8786DWlQYG0UhBNoA92gEwEF2ms1XdV7sFXGVinUTS7dxfeJ+9zHQ5NYFi5m4XWe/gak8FX5wNrtfGRbtch1lsAUp0RZUPTZr1ZV8qIFLQ/PLnZ/1z14HX0ltLT+ic1SRQCtCXchaGQHKqQedw==
x-forefront-antispam-report:
CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0P114MB1342.NAMP114.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230022)(4636009)(346002)(39860400002)(376002)(136003)(366004)(396003)(451199015)(966005)(71200400001)(45080400002)(33656002)(7696005)(6506007)(478600001)(53546011)(5660300002)(8676002)(66556008)(76116006)(66476007)(66446008)(64756008)(66946007)(8936002)(41300700001)(30864003)(52536014)(316002)(55016003)(82960400001)(82950400001)(38070700005)(122000001)(38100700002)(186003)(15974865002)(26005)(9686003)(66574015)(83380400001)(86362001)(66899015)(2906002)(30470500001)(299355004)(18886075002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0:
=?us-ascii?Q?AR+CbKr0wI/41eamWl/V0Cns37xA8y1+rKRNNY6eyVs7fJauiLgx7j8TxKkH?=
=?us-ascii?Q?nM4korW6HaxpdNTed/GSxuCJL4yacvek5B3Pyj6NH3ah0z5C0FEQzW2wVFWN?=
=?us-ascii?Q?JqcgEWrMv82GRoSSd2jBcxoznvYFGxp26n0afgu4DBK4nKOYdnqm2FQn8c6Y?=
=?us-ascii?Q?+CWx+ZVEDqQQbXpuVL3JTEnJnI/taacWG0BkFJ6bZWj0u5jM/6BCnD4JZTge?=
=?us-ascii?Q?0VKzesFeFE3T28bMcTAWgPmE8RNy+vnXoBaa9HOfVxGU2M7MddxdIfJeYYZU?=
=?us-ascii?Q?ykODQrefSbuh6ABiiFIq2oCJwSwP5vwlR7hUPJIMW9H9pvGkpG4BE0kG7ij7?=
=?us-ascii?Q?zRstAyCqQALiK6+qgj9qTCd2Vu6o+zp7N83T0iOW42wFkEdAqODcZgs+q4+0?=
=?us-ascii?Q?K085j3DVXgDs5kjHvp+eh5eKE5nWMehBwPx6A+UPZBcrd6cCLft3+BSSTnpy?=
=?us-ascii?Q?4hUZYepC0u14Vaz3yLHTmxSwtYI+l6Ds270nbHVXn/dSsbnBXX6JcutncjiT?=
=?us-ascii?Q?K49Kqwrdv8Z25blDw+h65Z9RDHIUfAY4EdeNkWH5vXvsjf2ODqT9y8JXHXoY?=
=?us-ascii?Q?tCem4BhhuWQIf84M0Fg2RHKla3tGTPVK70Yw/NOAq1A8XshsSSSgrHncODOP?=
=?us-ascii?Q?XpXeg3yvI6ZolGv7xM+FogaXEnfP1eY+/HwkgCWvvBOnpmvxNYUPlDsEjEkq?=
=?us-ascii?Q?B6TX7YCHe4LZK75BMmYth+Uy8PhuidBGvOkIKNKNdITKwUKLgP/UPuV1YiIa?=
=?us-ascii?Q?AdWqfmZoqarEAq+uWl5+pRhi7MUuhsm90Ja5OJzMLJrMEDWzXtBOjKGCgnLy?=
=?us-ascii?Q?KJvtqEBDdwO3+SglFfmrBDnQq4gAzzBDQuXOWrxMtQp0ZFGfjXL3zpSBcahe?=
=?us-ascii?Q?wLqO+XpsSnFUo0uYTwCQxasWPiyHHifb5yTXvQRR6J3ZDItZxY3aZpqJn6J8?=
=?us-ascii?Q?653HCYHOemFhLyPdzKZc0l8MwOcVQaGVD4dBG3OEJrw7OZCtJ7ECmQ6WA/+L?=
=?us-ascii?Q?e5TmCOSHJaW40K8u19+c4P8yKlDsOR4SdeZjshzCDdzQ6M/NTlYgBurh+7NN?=
=?us-ascii?Q?Ky91Z2hyXPEHIlrTYkcPdGNIyPQEfwgrkG6Ukp34LUYph5n9IIPh3mWjf9zE?=
=?us-ascii?Q?lkD9v4lnTW+Z8f5OYhC3bRsU2vz/Pn1Gg+TLflID2iiS8lWtOyvbyiGma+2/?=
=?us-ascii?Q?PifxNddOywDvUspfJ2qW8ypPwx+CJ4hvxzsoYsOTjEROlKVJFjUm6KW1oR4l?=
=?us-ascii?Q?SbmpiiIszSH9zfT5amJMG//vk+faGLx6rFsKfUbX1d4rbXfG6uRnuj+oqDIe?=
=?us-ascii?Q?AjM8NqT4SgSbgpSaKGXeI+h0aer18AyhLnoMqrdWLTYhOaBxSLtBYfLBDdBZ?=
=?us-ascii?Q?++TltiJdT867qV+r5Foct2DFKAKUoWCoIowaxyNnKTGKPFv1QIClz3jW+DTu?=
=?us-ascii?Q?HzSc0L051sItlAyeJv4OZX+JyTGgAW7iPqSckBplXdR4V52LN4yeJmyeuuWb?=
=?us-ascii?Q?u/Mx8jo02V6lZuR+lcdhxfbnrY29KYjBG70Su1qY9o6U/WKGaxt4ylwXJfv2?=
=?us-ascii?Q?2j+NKbsdAedO+1gNH0t2NYMJdZMVRsWj6PYBuLmaZN+sLyzGXRK79VmULRV8?=
=?us-ascii?Q?5wFeP1iyYH/bzdXdNsntikQ=3D?=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: accenture.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0P114MB1342.NAMP114.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id:
37f350ac-a837-4f13-b2ad-08dab7ed6113
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2022 07:32:18.9534
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: e0793d39-0939-496d-b129-198edd916feb
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname:
8Ro2W6kBvHI1aT77QFG3dT031mqpOk13mi7BkCw46GwEyt4HAj80KDTiWhrNgk42di8oPf2qpqH8Lxy2ny7m0OQialBUaQCWlyKhAj/yA84T3K6vfwFixg13WqIl4oG2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0P114MB1360
________________________________
This message is for the designated recipient only and may contain privileged,
proprietary, or otherwise confidential information. If you have received it in
error, please notify the sender immediately and delete the original. Any other
use of the e-mail by you is prohibited. Where allowed by local law, electronic
communications with Accenture and its affiliates, including e-mail and instant
messaging (including content), may be scanned by our systems for the purposes
of information security and assessment of internal compliance with Accenture
policy. Your privacy is important to us. Accenture uses your personal data only
in compliance with data protection laws. For further information on how
Accenture processes your personal data, please see our privacy statement at
https://www.accenture.com/us-en/privacy-policy.
______________________________________________________________________________________
www.accenture.com
