rpms/jackson-databind
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:main
rpms:f43
rpms:f42
rpms:f41
rpms:f40
rpms:FixRHELBuild
rpms:2.15.3-rawhide-update
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:f35
rpms:f32
rpms:f34
rpms:f33
rpms:tycho
rpms:f30
rpms:f31
rpms:f29
rpms:eclipse
rpms:f28
rpms:f26
rpms:f27
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f19
rpms:f20
rpms:epel7
...
pull from: rpms:f30
Branches Tags
rpms:main
rpms:rawhide
rpms:f43
rpms:f42
rpms:f41
rpms:f40
rpms:FixRHELBuild
rpms:2.15.3-rawhide-update
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:f35
rpms:f32
rpms:f34
rpms:f33
rpms:tycho
rpms:f30
rpms:f31
rpms:f29
rpms:eclipse
rpms:f28
rpms:f26
rpms:f27
rpms:f24
rpms:f25
rpms:f23
rpms:f22
rpms:f21
rpms:f19
rpms:f20
rpms:epel7
Sign in to create a new pull request.

2 commits
rawhide ... f30

Author SHA1 Message Date
Alexander Scheel
31e1385052
 		Update to latest upstream release 2.10.0 
Fixes: CVE-2019-14540
Fixes: CVE-2019-16335
Fixes: CVE-2019-16942
Fixes: CVE-2019-16943
Resolves: rhbz#1758168
Resolves: rhbz#1758172
Resolves: rhbz#1758183

Signed-off-by: Alexander Scheel <ascheel@redhat.com>
 2019-10-04 00:37:18 +02:00
Fabio Valentini
e5e8b4762e
 		update to version 2.9.9.3 
resolves:

- CVE-2019-12086
- CVE-2019-12384
- CVE-2019-12814
- CVE-2019-14379
 2019-09-13 23:04:11 +02:00
3 changed files with 19 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
jackson-databind-jackson-databind-*/
/jackson-databind-*.tar.gz
/*.src.rpm

19
jackson-databind.spec
View file

@ -1,5 +1,5 @@
Name: jackson-databind
Version: 2.9.8
Version: 2.10.0
Release: 1%{?dist}
Summary: General data-binding package for Jackson (2.x)
License: ASL 2.0 and LGPLv2+
@ -7,6 +7,7 @@ URL: https://github.com/FasterXML/jackson-databind/
Source0: https://github.com/FasterXML/jackson-databind/archive/%{name}-%{version}.tar.gz
BuildRequires: maven-local
BuildRequires: mvn(com.fasterxml.jackson.core:jackson-annotations) >= %{version}
BuildRequires: mvn(com.fasterxml.jackson.core:jackson-core) >= %{version}
BuildRequires: mvn(com.fasterxml.jackson:jackson-base:pom:) >= %{version}
@ -33,8 +34,9 @@ This package contains API documentation for %{name}.
# Remove plugins unnecessary for RPM builds
%pom_remove_plugin ":maven-enforcer-plugin"
%pom_remove_plugin "org.jacoco:jacoco-maven-plugin"
%pom_remove_plugin "org.moditect:moditect-maven-plugin"
cp -p src/main/resources/META-INF/LICENSE .
cp -p src/main/resources/META-INF/NOTICE .
sed -i 's/\r//' LICENSE NOTICE
@ -67,6 +69,19 @@ rm src/test/java/com/fasterxml/jackson/databind/ser/jdk/JDKTypeSerializationTest
%license LICENSE NOTICE
%changelog
* Thu Oct 3 2019 Alexander Scheel <ascheel@redhat.com> - 2.10.0-1
- Update to latest upstream release
- Fixes: CVE-2019-14540
- Fixes: CVE-2019-16335
- Fixes: CVE-2019-16942
- Fixes: CVE-2019-16943
- Resolves: rhbz#1758168
- Resolves: rhbz#1758172
- Resolves: rhbz#1758183
* Thu Sep 12 2019 Alexander Scheel <ascheel@redhat.com> - 2.9.9.3-1
- Update to latest upstream release; fixes CVE-2019-12384
* Wed Feb 06 2019 Mat Booth <mat.booth@redhat.com> - 2.9.8-1
- Update to latest upstream release, fixes CVE-2018-14718 CVE-2018-147189
CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023

2
sources
View file

@ -1 +1 @@
SHA512 (jackson-databind-2.9.8.tar.gz) = 201b2d6cbc875898536904358bc6634ea66e0f624cbee0185ab33d144f2710001ef9f58b26b0d4b412cd48ee866ef2ba728ab60d09c6b1072c2fa9a9d7427d8d
SHA512 (jackson-databind-2.10.0.tar.gz) = 1053e9418718d6f5f6ffbf4e2ce9880da698aa5910a147b8c729c75f0376863ff6a89a9eae3a03d3ae3f2f5bce3fe2f2cfb57d0db308956921c1b0f5c8139e8e