Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6d6820e5 by Salvatore Bonaccorso at 2018-03-27T21:12:19+02:00 CVE-2018-7489/jackson-databind fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -3911,7 +3911,7 @@ CVE-2018-7490 (uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use o NOTE: https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a NOTE: https://blog.runesec.com/2018/03/01/uwsgi-path-traversal/ CVE-2018-7489 (FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 ...) - - jackson-databind <unfixed> (bug #891614) + - jackson-databind 2.9.5-1 (bug #891614) NOTE: https://github.com/FasterXML/jackson-databind/issues/1931 NOTE: https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2 CVE-2018-7488 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d6820e559046c4cb489aca373781a4828ea64a6 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d6820e559046c4cb489aca373781a4828ea64a6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits