Debian has Released Security Updates for jackson-databind

Debian has released security update for jackson-databind package.

This release fixes around 11 vulnerabilities against jackson-databind package.

Date Reported: 24-May-2019

Fix Released On: N/A

Severity Level: N/A

Affected Packages: jackson-databind

Affected Operating System & Version:

  • Debian 8 (Jessie)
  • Debian 9 (Stretch)

Details:

Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.

It’s recommended to update the jackson-databind package ASAP.

For more details about the security issues, and other related information, refer to the CVE pages.

Debian Security Advisory References:

Security Database References (CVE):

Solution:

  • These issue have been fixed on Debian 9 (Stretch) in version 2.8.6-1+deb9u5.
  • These issue have been fixed on Debian 8 (Jessie) in version 2.4.2-2+deb8u6.

Run the following command to install the above updates.

sudo apt install --only-upgrade jackson-databind

Leave a Reply

Your email address will not be published. Required fields are marked *