Oval Definition:oval:org.opensuse.security:def:108704
Revision Date:2021-01-29Version:1
Title:Security update for jackson-databind (Moderate)
Description:

This update for jackson-databind fixes the following issues:

jackson-databind was updated to 2.10.5.1: * #2589: `DOMDeserializer`: setExpandEntityReferences(false) may not prevent external entity expansion in all cases (CVE-2020-25649, bsc#1177616) * #2787 (partial fix): NPE after add mixin for enum * #2679: 'ObjectMapper.readValue('123', Void.TYPE)' throws 'should never occur'
Family:unixClass:patch
Status:Reference(s):1177616
1180391
1181118
CVE-2020-25649
CVE-2020-35728
CVE-2021-20190
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
Product(s):
BACK