Oval Definition:oval:org.opensuse.security:def:65586
Revision Date:2021-01-29Version:1
Title:Security update for jackson-databind (Moderate)
Description:

This update for jackson-databind fixes the following issues:

jackson-databind was updated to 2.10.5.1: * #2589: `DOMDeserializer`: setExpandEntityReferences(false) may not prevent external entity expansion in all cases (CVE-2020-25649, bsc#1177616) * #2787 (partial fix): NPE after add mixin for enum * #2679: 'ObjectMapper.readValue('123', Void.TYPE)' throws 'should never occur'
Family:unixClass:patch
Status:Reference(s):1065729
1071995
1074701
1083548
1085030
1085235
1085308
1087078
1100394
1102640
1105412
1111666
1112178
1113956
1120163
1133021
1144333
1169790
1171688
1172108
1172247
1172418
1172428
1172461
1172506
1172781
1172782
1172783
1172871
1172872
1172963
1173485
1173798
1173954
1174003
1174026
1174070
1174161
1174205
1174247
1174298
1174299
1174387
1174484
1174547
1174549
1174550
1174625
1174658
1174685
1174689
1174699
1174734
1174757
1174771
1174840
1174841
1174843
1174844
1174845
1174852
1174873
1174887
1174904
1174926
1174968
1175062
1175063
1175064
1175065
1175066
1175067
1175112
1175127
1175128
1175149
1175199
1175213
1175228
1175232
1175284
1175393
1175394
1175396
1175397
1175398
1175399
1175400
1175401
1175402
1175403
1175404
1175405
1175406
1175407
1175408
1175409
1175410
1175411
1175412
1175413
1175414
1175415
1175416
1175417
1175418
1175419
1175420
1175421
1175422
1175423
1175440
1175493
1175515
1175518
1175526
1175550
1175654
1175666
1175668
1175669
1175670
1175767
1175768
1175769
1175770
1175771
1175772
1175786
1175873
1175992
1177616
1180391
1181118
CVE-2020-13777
CVE-2020-14314
CVE-2020-14331
CVE-2020-14356
CVE-2020-16166
CVE-2020-24394
CVE-2020-25649
CVE-2020-35728
CVE-2021-20190
SUSE-SU-2021:0243-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Development Tools 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • gnutls-3.6.7-6.29 is installed
  • OR gnutls-guile-3.6.7-6.29 is installed
  • OR libgnutls-devel-32bit-3.6.7-6.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed
  • AND jackson-databind-2.10.5.1-3.3.2 is installed
    • BACK