rpms/jackson-databind
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:main
rpms:f43
rpms:f42
rpms:f41
rpms:f40
rpms:FixRHELBuild
rpms:2.15.3-rawhide-update
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:f35
rpms:f32
rpms:f34
rpms:f33
rpms:tycho
rpms:f30
rpms:f31
rpms:f29
rpms:eclipse
rpms:f28
rpms:f26
rpms:f27
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f19
rpms:f20
rpms:epel7
...
pull from: rpms:f29
Branches Tags
rpms:main
rpms:rawhide
rpms:f43
rpms:f42
rpms:f41
rpms:f40
rpms:FixRHELBuild
rpms:2.15.3-rawhide-update
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:f35
rpms:f32
rpms:f34
rpms:f33
rpms:tycho
rpms:f30
rpms:f31
rpms:f29
rpms:eclipse
rpms:f28
rpms:f26
rpms:f27
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f19
rpms:f20
rpms:epel7
Sign in to create a new pull request.

1 commit
rawhide ... f29

Author SHA1 Message Date
Fabio Valentini
e5e8b4762e
 		update to version 2.9.9.3 
resolves:

- CVE-2019-12086
- CVE-2019-12384
- CVE-2019-12814
- CVE-2019-14379
 2019-09-13 23:04:11 +02:00
3 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
jackson-databind-jackson-databind-*/
/jackson-databind-*.tar.gz
/*.src.rpm

13
jackson-databind.spec
View file

@ -1,5 +1,5 @@
Name: jackson-databind
Version: 2.9.8
Version: 2.9.9.3
Release: 1%{?dist}
Summary: General data-binding package for Jackson (2.x)
License: ASL 2.0 and LGPLv2+
@ -7,9 +7,11 @@ URL: https://github.com/FasterXML/jackson-databind/
Source0: https://github.com/FasterXML/jackson-databind/archive/%{name}-%{version}.tar.gz
BuildRequires: maven-local
BuildRequires: mvn(com.fasterxml.jackson.core:jackson-annotations) >= %{version}
BuildRequires: mvn(com.fasterxml.jackson.core:jackson-core) >= %{version}
BuildRequires: mvn(com.fasterxml.jackson:jackson-base:pom:) >= %{version}
# TODO: Revert back to version macro when versions align again.
BuildRequires: mvn(com.fasterxml.jackson.core:jackson-annotations) >= 2.9.9
BuildRequires: mvn(com.fasterxml.jackson.core:jackson-core) >= 2.9.9
BuildRequires: mvn(com.fasterxml.jackson:jackson-base:pom:) >= 2.9.9
BuildRequires: mvn(com.google.code.maven-replacer-plugin:replacer)
BuildRequires: mvn(org.apache.felix:maven-bundle-plugin)
BuildRequires: mvn(org.powermock:powermock-api-mockito)
@ -67,6 +69,9 @@ rm src/test/java/com/fasterxml/jackson/databind/ser/jdk/JDKTypeSerializationTest
%license LICENSE NOTICE
%changelog
* Thu Sep 12 2019 Alexander Scheel <ascheel@redhat.com> - 2.9.9.3-1
- Update to latest upstream release; fixes CVE-2019-12384
* Wed Feb 06 2019 Mat Booth <mat.booth@redhat.com> - 2.9.8-1
- Update to latest upstream release, fixes CVE-2018-14718 CVE-2018-147189
CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023

2
sources
View file

@ -1 +1 @@
SHA512 (jackson-databind-2.9.8.tar.gz) = 201b2d6cbc875898536904358bc6634ea66e0f624cbee0185ab33d144f2710001ef9f58b26b0d4b412cd48ee866ef2ba728ab60d09c6b1072c2fa9a9d7427d8d
SHA512 (jackson-databind-2.9.9.3.tar.gz) = 1b5cd44f1ff25379b68a34973cede8a8bec42cb99c432effaf7b625566ba66bf2bdacd6b0e31b53b71e240163d1d7afdaee5b357495834ac7a12182bd284014c