rpms / rh-maven35-jackson-databind

Clone
Source Code
GIT

Blame SOURCES/CVE-2020-11619.patch

c7
  1.   c7
  2.   SOURCES
  3.   CVE-2020-11619.patch
Blob History Raw
6a8cc2
6a8cc2 
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-11619
6a8cc2
6a8cc2 
https://github.com/FasterXML/jackson-databind/commit/113e89fb08b1b6b072d60b3e4737ed407c13db9a
6a8cc2
6a8cc2 
--- jackson-databind-jackson-databind-2.7.6/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java.cve11619
6a8cc2 
+++ jackson-databind-jackson-databind-2.7.6/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
6a8cc2 
@@ -45,6 +45,10 @@
6a8cc2 
         // [databind#1737]; 3rd party
6a8cc2 
 //s.add("org.springframework.aop.support.AbstractBeanFactoryPointcutAdvisor"); // deprecated by [databind#1855]
6a8cc2 
         s.add("org.springframework.beans.factory.config.PropertyPathFactoryBean");
6a8cc2 
+        // [databind#2680]
6a8cc2 
+        s.add("org.springframework.aop.config.MethodLocatingFactoryBean");
6a8cc2 
+        s.add("org.springframework.beans.factory.config.BeanReferenceFactoryBean");
6a8cc2 
+
6a8cc2 
         s.add("com.mchange.v2.c3p0.JndiRefForwardingDataSource");
6a8cc2 
         s.add("com.mchange.v2.c3p0.WrapperConnectionPoolDataSource");
6a8cc2 
         // [databind#1855]: more 3rd party

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation