Package: jackson-databind | Debian Sources

Package: jackson-databind / 2.12.1-1+deb11u1

Package	Version	Patches format
jackson-databind	2.12.1-1+deb11u1	3.0 (quilt)

Patch	File delta	Description
base pom.patch \| (download)	pom.xml \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	base pom Quick workaround for the FTBFS with jackson-core 2.9.8. Patch must be dropped when we update jackson-core again.
CVE 2020 36518.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/deser/std/UntypedObjectDeserializer.java \| 110 63 + 47 - 0 ! src/test/java/com/fasterxml/jackson/databind/deser/DeepNestingUntypedDeserTest.java \| 70 70 + 0 - 0 ! 2 files changed, 133 insertions(+), 47 deletions(-)	cve-2020-36518 Bug-Debian: https://bugs.debian.org/1007109
CVE 2022 42003.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/deser/std/StdDeserializer.java \| 52 40 + 12 - 0 ! src/test/java/com/fasterxml/jackson/databind/deser/dos/DeepArrayWrappingForDeser3590Test.java \| 95 95 + 0 - 0 ! 2 files changed, 135 insertions(+), 12 deletions(-)	cve-2022-42003
CVE 2022 42004.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/DeserializationFeature.java \| 4 3 + 1 - 0 ! src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializer.java \| 10 10 + 0 - 0 ! src/test/java/com/fasterxml/jackson/databind/deser/dos/DeepArrayWrappingForDeser3582Test.java \| 44 44 + 0 - 0 ! 3 files changed, 57 insertions(+), 1 deletion(-)	cve-2022-42004

Patch	File delta	Description
base pom.patch \| (download)	pom.xml \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	base pom Quick workaround for the FTBFS with jackson-core 2.9.8. Patch must be dropped when we update jackson-core again.
CVE 2020 36518.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/deser/std/UntypedObjectDeserializer.java \| 110 63 + 47 - 0 ! src/test/java/com/fasterxml/jackson/databind/deser/DeepNestingUntypedDeserTest.java \| 70 70 + 0 - 0 ! 2 files changed, 133 insertions(+), 47 deletions(-)	cve-2020-36518 Bug-Debian: https://bugs.debian.org/1007109
CVE 2022 42003.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/deser/std/StdDeserializer.java \| 52 40 + 12 - 0 ! src/test/java/com/fasterxml/jackson/databind/deser/dos/DeepArrayWrappingForDeser3590Test.java \| 95 95 + 0 - 0 ! 2 files changed, 135 insertions(+), 12 deletions(-)	cve-2022-42003
CVE 2022 42004.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/DeserializationFeature.java \| 4 3 + 1 - 0 ! src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializer.java \| 10 10 + 0 - 0 ! src/test/java/com/fasterxml/jackson/databind/deser/dos/DeepArrayWrappingForDeser3582Test.java \| 44 44 + 0 - 0 ! 3 files changed, 57 insertions(+), 1 deletion(-)	cve-2022-42004