Uploaded image for project: 'PuppetDB'
  1. PuppetDB
  2. PDB-4161

Update jackson-databind to remediate CVE-2018-5968

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: PDB 5.1.5, PDB 5.2.4, PDB 6.0.0
    • Fix Version/s: PDB 5.2.6, PDB 6.0.1
    • Component/s: PuppetDB
    • Labels:
      None
    • Template:
    • Team:
      PuppetDB
    • Method Found:
      Needs Assessment
    • Release Notes:
      Security Fix
    • Release Notes Summary:
      Our dependency on jackson-databind was upgraded to 2.9.7 to fix CVE-2018-7489.
    • QA Risk Assessment:
      Needs Assessment

      Description

      Update jackson-databind dependency to version 2.9.7 (latest) which has a fix for https://nvd.nist.gov/vuln/detail/CVE-2018-5968

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              robert.roland Robert Roland
              Reporter:
              robert.roland Robert Roland
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support