You are here
Home > Preporuke > Ranjivost programskog paketa jackson-dataformat-xml

Ranjivost programskog paketa jackson-dataformat-xml

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2016-d708261ce2
2016-05-16 14:06:57.684344
——————————————————————————–

Name : jackson-dataformat-xml
Product : Fedora 22
Version : 2.5.0
Release : 3.fc22
URL : http://wiki.fasterxml.com/JacksonExtensionXmlDataBinding
Summary : XML data binding extension for Jackson
Description :
Data format extension for Jackson (http://jackson.codehaus.org)
to offer alternative support for serializing POJOs as XML and
deserializing XML as POJOs. Support implemented on top of Stax API
(javax.xml.stream), by implementing core Jackson Streaming API types
like JsonGenerator, JsonParser and JsonFactory. Some data-binding types
overridden as well (ObjectMapper sub-classed as XmlMapper).

——————————————————————————–
Update Information:

Security fix for CVE-2016-3720
——————————————————————————–
References:

[ 1 ] Bug #1328427 – CVE-2016-3720 jackson-dataformat-xml: XmlMapper is vulnerable to XXE attack
https://bugzilla.redhat.com/show_bug.cgi?id=1328427
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update jackson-dataformat-xml’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

AutorTomislav Protega
Cert idNCERT-REF-2016-05-0022-ADV
CveCVE-2016-3720
ID izvornikaFEDORA-2016-d708261ce2
Proizvodjackson-dataformat-xml
Izvorhttp://www.redhat.com
Top
More in Preporuke
Ranjivost jezgre operacijskog sustava

Otkrivene su četiri ranjivosti u jezgri operacijskog sustava Fedora. Potencijalni udaljeni napadači ranjivosti bi mogli iskoristiti za rušenje sustava te...

Close