Publishing details

• Removed from disk on 2018-05-05.
• Removal requested on 2018-05-05.
• Superseded on 2018-05-04 by jackson-databind - 2.8.6-1+deb9u4build0.17.10.1
• Published on 2018-02-15
• Copied from ubuntu artful in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

jackson-databind (2.8.6-1+deb9u3build0.17.10.1) artful-security; urgency=medium

  * fake sync from Debian

jackson-databind (2.8.6-1+deb9u3) stretch-security; urgency=high

  * Team upload.
  * Fix CVE-2017-17485 and CVE-2018-5968:
    Bybass of deserialization blackist to disallow unauthenticated remote code
    execution. These CVE exist due to an incomplete fix for CVE-2017-7525.
    (Closes: #888316, #888318)

 -- Steve Beattie <email address hidden>  Thu, 15 Feb 2018 10:15:00 -0800

Builds

• amd64

Package files

• jackson-databind_2.8.6-1+deb9u3build0.17.10.1.debian.tar.xz (8.3 KiB)
• jackson-databind_2.8.6-1+deb9u3build0.17.10.1.dsc (2.5 KiB)
• jackson-databind_2.8.6.orig.tar.xz (721.5 KiB)
• libjackson2-databind-java-doc_2.8.6-1+deb9u3build0.17.10.1_all.deb (1.2 MiB)
• libjackson2-databind-java_2.8.6-1+deb9u3build0.17.10.1_all.deb (1.1 MiB)