diff options
author | Chris Lamb <lamby@debian.org> | 2020-10-14 11:29:25 +0100 |
---|---|---|
committer | Chris Lamb <lamby@debian.org> | 2020-10-14 11:29:25 +0100 |
commit | 7c46f49d9309d378f6abe68a5e4d5f77b2e012e2 (patch) | |
tree | 564da179e2dba5e69fabf570a9fba274e90eb338 /data | |
parent | 9885227aea59372ed3219ea2b75fbd9627112be8 (diff) |
Reserve DLA-2406-1 for jackson-databind
Diffstat (limited to 'data')
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/data/DLA/list b/data/DLA/list index b2f48672aa..9596e75986 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[14 Oct 2020] DLA-2406-1 jackson-databind - security update + {CVE-2020-25649} + [stretch] - jackson-databind 2.8.6-1+deb9u8 [10 Oct 2020] DLA-2405-1 httpcomponents-client - security update {CVE-2020-13956} [stretch] - httpcomponents-client 4.5.2-2+deb9u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index e1aa2a4f86..1c712f8917 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -86,8 +86,6 @@ guacamole-server (Markus Koschany) NOTE: security team. Waiting for feedback. CVE is in guacamole-server not in NOTE: guacamole-client. Backporting the upstream patch seems viable. -- -jackson-databind (Chris Lamb) --- jupyter-notebook NOTE: 20200711: Vulnerable to (at least) CVE-2018-19351. (lamby) -- |