jackson-databind (2.9.1-1)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://anonscm.debian.org/git/pkg-java/jackson-databind.git
-
- Branch: master
- Path: debian/changelog
- Browser: https://anonscm.debian.org/cgit/pkg-java/jackson-databind.git
- Last scan: 2017-10-15 23:45:52+00
- Next scan: 2017-10-17 19:45:00+00
- Debian changelog in Git:
jackson-databind (2.9.1-1) unstable; urgency=medium
* Team upload.
* New upstream version 2.9.1.
- Fixes CVE-2017-7525: Deserialization vulnerability via readValue
method of ObjectMapper (Closes: #870848)
- Builds fine with Java 9. (Closes: #875411)
* Declare compliance with Debian Policy 4.1.1.
* Tighten B-D on jackson-core and jackson-annotations.
* Add libmaven-shade-plugin-java to B-D.
-- Markus Koschany <apo@debian.org> Thu, 12 Oct 2017 00:31:43 +0200
- This branch is even with tag debian/2.9.1-1
