pom.xml | 6 6 + 0 - 0 !
1 file changed, 6 insertions(+)

 fix-using-bundle

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 49 49 + 0 - 0 !
src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java | 40 40 + 0 - 0 !
2 files changed, 89 insertions(+)

 cve-2017-7525

Bug-Upstream: https://github.com/FasterXML/jackson-databind/issues/1599
Bug-Debian: https://bugs.debian.org/870848

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 minor improvement wrt #1599 (also cover vanilla xalan impl)

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 fix #1680

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 11 10 + 1 - 0 !
src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java | 94 89 + 5 - 0 !
2 files changed, 99 insertions(+), 6 deletions(-)

 fix #1737

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 3 3 + 0 - 0 !
1 file changed, 3 insertions(+)

 cve-2018-5968

Bug-Debian: https://bugs.debian.org/888316
Bug-Upstream: https://github.com/FasterXML/jackson-databind/issues/1899

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 37 32 + 5 - 0 !
1 file changed, 32 insertions(+), 5 deletions(-)

 cve-2017-17485

Bug-Debian: https://bugs.debian.org/888318
Bug-Upstream: https://github.com/FasterXML/jackson-databind/issues/1855

src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java | 16 14 + 2 - 0 !
1 file changed, 14 insertions(+), 2 deletions(-)

 cve-2018-7489

Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891614