rpms / rh-maven35-jackson-databind

Clone
Source Code
GIT

Blame SOURCES/CVE-2019-14379.patch

c7
  1.   1775a0e0c0462a95a9297228a82199c900c2d3b1
  2.   SOURCES
  3.   CVE-2019-14379.patch
Blob History Raw
1775a0 
--- jackson-databind-jackson-databind-2.7.6/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java.orig	2019-09-05 10:22:43.429446495 +0200
1775a0 
+++ jackson-databind-jackson-databind-2.7.6/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java	2019-09-05 10:33:48.325482004 +0200
1775a0 
@@ -76,6 +76,12 @@
1775a0 
         // [databind#2334] (2.9.9.1): logback-core
1775a0 
         s.add("ch.qos.logback.core.db.DriverManagerConnectionSource");
1775a0
1775a0 
+        // [databind#2387]: EHCache
1775a0 
+        s.add("net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup");
1775a0 
+
1775a0 
+        // [databind#2389]: logback/jndi
1775a0 
+        s.add("ch.qos.logback.core.db.JNDIConnectionSource");
1775a0 
+
1775a0 
         DEFAULT_NO_DESER_CLASS_NAMES = Collections.unmodifiableSet(s);
1775a0 
     }
1775a0

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation