• Update jackson-parent to version 2.10.
  • Update jackson-bom to version 2.10.0.
  • Update jackson-annotations to version 2.10.0.
  • Update jackson-core to version 2.10.0.
  • Update jackson-databind to version 2.10.0.

Resolves CVE-2019-14540, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-cf87377f5f
This update has been submitted for testing by decathorpe. a month ago
This update's test gating status has been changed to 'waiting'. a month ago
This update's test gating status has been changed to 'ignored'. a month ago
This update has been pushed to testing. a month ago
This update's test gating status has been changed to 'greenwave_failed'. a month ago
This update's test gating status has been changed to 'ignored'. a month ago
This update can be pushed to stable now if the maintainer wishes a month ago
This update has been submitted for stable by bodhi. a month ago
This update has been pushed to stable. 20 days ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a month ago
in testing
a month ago
in stable
20 days ago
BZ#1755832 CVE-2019-16335 jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource [fedora-all]
0
0
BZ#1755850 CVE-2019-14540 jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig [fedora-all]
0
0
BZ#1758168 jackson-databind: Serialization gadgets in classes of the ehcache package [fedora-all]
0
0
BZ#1758172 jackson-databind: Serialization gadgets in classes of the commons-configuration package [fedora-all]
0
0
BZ#1758183 jackson-databind: Serialization gadgets in classes of the xalan package [fedora-all]
0
0
BZ#1758188 CVE-2019-16942 jackson-databind: Serialization gadgets in classes of the commons-dbcp package [fedora-all]
0
0
BZ#1758193 CVE-2019-16943 jackson-databind: Serialization gadgets in classes of the p6spy package [fedora-all]
0
0

Automated Test Results