Oval Definition:oval:org.opensuse.security:def:97158
Revision Date:2021-01-29Version:1
Title:Security update for jackson-databind (Moderate)
Description:

This update for jackson-databind fixes the following issues:

jackson-databind was updated to 2.10.5.1: * #2589: `DOMDeserializer`: setExpandEntityReferences(false) may not prevent external entity expansion in all cases (CVE-2020-25649, bsc#1177616) * #2787 (partial fix): NPE after add mixin for enum * #2679: 'ObjectMapper.readValue('123', Void.TYPE)' throws 'should never occur'
Family:unixClass:patch
Status:Reference(s):1177616
1180391
1181118
CVE-2020-25649
CVE-2020-35728
CVE-2021-20190
SUSE-SU-2021:0243-1
Platform(s):openSUSE Leap 15.3 SLE Imports
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 SLE Imports is installed
  • AND Package Information
  • jackson-databind-2.10.5.1-3.3.2 is installed
  • OR jackson-databind-javadoc-2.10.5.1-3.3.2 is installed
    • BACK