Package: jackson-databind | Debian Sources

Package: jackson-databind / 2.9.8-3+deb10u3

Metadata

Package	Version	Patches format
jackson-databind	2.9.8-3+deb10u3	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
CVE 2019 12086.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	cve-2019-12086 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929177 Bug-Upstream: https://github.com/FasterXML/jackson-databind/issues/2326
CVE 2019 12384.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	cve-2019-12384 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930750
CVE 2019 12814.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 6 5 + 1 - 0 ! 1 file changed, 5 insertions(+), 1 deletion(-)	cve-2019-12814 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930750
polymorphic typing issues.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 25 25 + 0 - 0 ! 1 file changed, 25 insertions(+)	polymorphic typing issues This is the fix for CVE-2019-14379, CVE-2019-14439, CVE-2019-14540, CVE-2019-16335, CVE-2019-16942 and CVE-2019-16943.
multiple CVE SubTypeValidator.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 93 87 + 6 - 0 ! 1 file changed, 87 insertions(+), 6 deletions(-)	multiple cve subtypevalidator This is the fix for CVE-2020-9548, CVE-2020-9547, CVE-2020-9546, CVE-2020-8840, CVE-2020-14195, CVE-2020-14062, CVE-2020-14061, CVE-2020-14060, CVE-2020-11620, CVE-2020-11619, CVE-2020-11113, CVE-2020-11112, CVE-2020-11111, CVE-2020-10969, CVE-2020-10968, CVE-2020-10673, CVE-2020-10672, CVE-2019-20330, CVE-2019-17531 and CVE-2019-17267.
CVE 2020 24{616,750}.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 7 6 + 1 - 0 ! 1 file changed, 6 insertions(+), 1 deletion(-)	[patch] work for addressing #2798
CVE 2020 25649 \| (download)	src/main/java/com/fasterxml/jackson/databind/ext/DOMDeserializer.java \| 8 8 + 0 - 0 ! 1 file changed, 8 insertions(+)	[patch] fix #2589
CVE 2020 35{490,491,728}.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 8 8 + 0 - 0 ! 1 file changed, 8 insertions(+)	[patch] fixed #2999
CVE 2020 361{79 90}.patch \| (download)	src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java \| 36 32 + 4 - 0 ! 1 file changed, 32 insertions(+), 4 deletions(-)	multiple fixes (cve-2020-36179 to cve-2020-36190) cherry-picked together from upstream.

1