Uploaded image for project: 'PuppetDB'
  1. PuppetDB
  2. PDB-4161

Update jackson-databind to remediate CVE-2018-5968

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • PDB 5.1.5, PDB 5.2.4, PDB 6.0.0
    • PDB 5.2.6, PDB 6.0.1
    • PuppetDB
    • None
    • PuppetDB
    • Needs Assessment
    • Security Fix
    • Our dependency on jackson-databind was upgraded to 2.9.7 to fix CVE-2018-7489.
    • Needs Assessment

    Description

      Update jackson-databind dependency to version 2.9.7 (latest) which has a fix for https://nvd.nist.gov/vuln/detail/CVE-2018-5968

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. PDB-4364 Fix databind CVE-2018-5968 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 in 5.1

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Activity

            People

              robert.roland Robert Roland
              robert.roland Robert Roland
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support