Uploaded image for project: 'PuppetDB'
  1. PuppetDB
  2. PDB-4364

Fix databind CVE-2018-5968 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 in 5.1

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PDB 5.1.6, PDB n/a
    • Component/s: None
    • Labels:
      None
    • Template:
    • Team:
      PuppetDB
    • CVE-ID:
      CVE-2018-5968 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362
    • Method Found:
      Needs Assessment
    • Release Notes:
      Security Fix
    • Release Notes Summary:
      The jackson-databind dependency has been upgraded to 2.9.8 to fix CVE-2018-5968, CVE-2018-19360, CVE-2018-19361, and CVE-2018-19362.
    • QA Risk Assessment:
      Needs Assessment

      Attachments

        Issue Links

          Activity

            jsd-sla-details-panel

              People

              • Assignee:
                rob.browning Rob Browning
                Reporter:
                rob.browning Rob Browning
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: