FEDORA-2018-bbf8c38b51 created by mbooth 2 years ago for Fedora 26
stable

Security fixes for CVE-2017-17485 and CVE-2018-5968.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-bbf8c38b51

This update has been submitted for testing by mbooth.

2 years ago

This update has been pushed to testing.

2 years ago

mbooth edited this update.

New build(s):

  • jackson-databind-2.7.6-7.fc26

Removed build(s):

  • jackson-databind-2.7.6-6.fc26

Karma has been reset.

2 years ago

This update has been submitted for testing by mbooth.

2 years ago

This update has been pushed to testing.

2 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for batched by mbooth.

2 years ago

mbooth edited this update.

New build(s):

  • jackson-databind-2.7.6-8.fc26

Removed build(s):

  • jackson-databind-2.7.6-7.fc26

Karma has been reset.

2 years ago

This update has been submitted for testing by mbooth.

2 years ago

This update has been pushed to testing.

2 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for batched by mbooth.

2 years ago

This update has been submitted for stable by mbooth.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1528565 CVE-2017-17485 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)
0
0
BZ#1530463 CVE-2017-17485 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) [fedora-all]
0
0
BZ#1538332 CVE-2018-5968 jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)
0
0
BZ#1538333 CVE-2018-5968 jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) [fedora-all]
0
0

Automated Test Results