[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7489/jackson-databind fixed in unstable

Tue, 27 Mar 2018 12:13:09 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6d6820e5 by Salvatore Bonaccorso at 2018-03-27T21:12:19+02:00
CVE-2018-7489/jackson-databind fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3911,7 +3911,7 @@ CVE-2018-7490 (uWSGI before 2.0.17 mishandles a 
DOCUMENT_ROOT check during use o
        NOTE: 
https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a
        NOTE: https://blog.runesec.com/2018/03/01/uwsgi-path-traversal/
 CVE-2018-7489 (FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 
2.9.5 ...)
-       - jackson-databind <unfixed> (bug #891614)
+       - jackson-databind 2.9.5-1 (bug #891614)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/1931
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/6799f8f10cc78e9af6d443ed6982d00a13f2e7d2
 CVE-2018-7488



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d6820e559046c4cb489aca373781a4828ea64a6

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d6820e559046c4cb489aca373781a4828ea64a6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to