• Update jackson-parent to version 2.10.
  • Update jackson-bom to version 2.10.0.
  • Update jackson-annotations to version 2.10.0.
  • Update jackson-core to version 2.10.0.
  • Update jackson-databind to version 2.10.0.

Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-b171554877

This update has been submitted for testing by decathorpe.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update's test gating status has been changed to 'greenwave_failed'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by bodhi.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
11 months ago
BZ#1755832 CVE-2019-16335 jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource [fedora-all]
0
0
BZ#1755850 CVE-2019-14540 jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig [fedora-all]
0
0
BZ#1758168 jackson-databind: Serialization gadgets in classes of the ehcache package [fedora-all]
0
0
BZ#1758172 jackson-databind: Serialization gadgets in classes of the commons-configuration package [fedora-all]
0
0
BZ#1758183 jackson-databind: Serialization gadgets in classes of the xalan package [fedora-all]
0
0
BZ#1758188 CVE-2019-16942 jackson-databind: Serialization gadgets in classes of the commons-dbcp package [fedora-all]
0
0
BZ#1758193 CVE-2019-16943 jackson-databind: Serialization gadgets in classes of the p6spy package [fedora-all]
0
0

Automated Test Results