DLA 2111-1: jackson-databind security update

Debian 9909 Published 2020-02-20 16:13 by Philipp Esselbach

News

A jackson-databind security update has been released for Debian GNU/Linux 8 LTS.

Package : jackson-databind
Version : 2.4.2-2+deb8u11
CVE ID : CVE-2019-20330 CVE-2020-8840

It was found that jackson-databind, a Java library used to parse JSON and
other data formats, could deserialize data without proper validation,
allowing a maliciously client to perform remote code execution on a
service with the required characteristics.

For Debian 8 "Jessie", these problems have been fixed in version
2.4.2-2+deb8u11.

We recommend that you upgrade your jackson-databind packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

DLA 2112-1: python-reportlab security update

CESA-2020:0550 Important CentOS 7 openjpeg2 Security Update

Windows

Software 42311
Simplewall 3.8.1 released
2024-04-28 05:24 by Philipp Esselbach
Software 42311
Winpilot 2024.5.3 released
2024-04-27 14:26 by Philipp Esselbach
Windows 11 409
Windows 11 Insider Preview Build 22635.3566 (Beta Channel) released
2024-04-27 07:21 by Philipp Esselbach

Linux

Security 10757
Linux Security Roundup for Week 18, 2024
2024-04-28 08:58 by Philipp Esselbach
Debian 9909
XanMod Linux Kernel 6.8.8 released
2024-04-28 07:51 by Philipp Esselbach
Debian 9909
XanMod Linux Kernel 6.6.29 released
2024-04-28 07:29 by Philipp Esselbach

macOS

Apple 10159
watchOS 10.5 Beta 3 released
2024-04-24 06:52 by Philipp Esselbach
Apple 10159
tvOS 17.5 Beta 3 released
2024-04-24 06:52 by Philipp Esselbach
Apple 10159
visionOS 1.2 Beta 3 released
2024-04-24 06:52 by Philipp Esselbach

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...