Bug#888316: jackson-databind: CVE-2018-5968

Am 11.02.2018 um 08:42 schrieb Sébastien Delafond: [...] > Hi Markus, > > thanks a lot for patches. I've reviewed them, and your approach is > sound: please upload. > > Cheers, > > --Seb Hi Seb, thanks for the review. I've just uploaded both packages. Cheers, Markus signature.asc

Bug#888316: jackson-databind: CVE-2018-5968

On Jan/27, Markus Koschany wrote: > I have prepared security updates of jackson-databind for Stretch and > Jessie and would appreciate another look at the patches. > > The fix for CVE-2018-5968 is straightforward. The blacklist is simply > extended. > > However upstream decided to refactor the

Bug#888316: jackson-databind: CVE-2018-5968

Hi folks, Am 25.01.2018 um 15:23 schrieb Salvatore Bonaccorso: > Hi Markus, > > On Thu, Jan 25, 2018 at 02:40:10PM +0100, Markus Koschany wrote: >> Hi, >> >> On Wed, 24 Jan 2018 23:02:44 +0100 Salvatore Bonaccorso >> wrote: >>> Source: jackson-databind >>> Version: 2.9.1-1

Bug#888316: jackson-databind: CVE-2018-5968

Hi Markus, On Thu, Jan 25, 2018 at 02:40:10PM +0100, Markus Koschany wrote: > Hi, > > On Wed, 24 Jan 2018 23:02:44 +0100 Salvatore Bonaccorso > wrote: > > Source: jackson-databind > > Version: 2.9.1-1 > > Severity: grave > > Tags: patch security upstream > > Forwarded:

Bug#888316: jackson-databind: CVE-2018-5968

Hi, On Wed, 24 Jan 2018 23:02:44 +0100 Salvatore Bonaccorso wrote: > Source: jackson-databind > Version: 2.9.1-1 > Severity: grave > Tags: patch security upstream > Forwarded: https://github.com/FasterXML/jackson-databind/issues/1899 > Control: found -1 2.8.6-1+deb9u2 >

Bug#888316: jackson-databind: CVE-2018-5968

Source: jackson-databind Version: 2.9.1-1 Severity: grave Tags: patch security upstream Forwarded: https://github.com/FasterXML/jackson-databind/issues/1899 Control: found -1 2.8.6-1+deb9u2 Control: found -1 2.4.2-2+deb8u2 Hi, the following vulnerability was published for jackson-databind.