-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 30 Apr 2022 14:05:08 +0200 Source: jackson-databind Architecture: source Version: 2.13.2.2-1 Distribution: unstable Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Closes: 1007109 Changes: jackson-databind (2.13.2.2-1) unstable; urgency=medium . * New upstream version 2.13.2.2. - Fix CVE-2020-36518: Java StackOverflow exception and denial of service via a large depth of nested objects. (Closes: #1007109) Thanks to Neil Williams for the report. Checksums-Sha1: 805d354466ec13775d44e8c5ac59ab751b51424e 2506 jackson-databind_2.13.2.2-1.dsc 4660379669c0142483418242c94e97a62784d48b 1065056 jackson-databind_2.13.2.2.orig.tar.xz fe9f4682f6312ca855daeafdeafa2522a932f7e6 5460 jackson-databind_2.13.2.2-1.debian.tar.xz fa104b1fa161a516f31a54e0a95356e311f275f4 16517 jackson-databind_2.13.2.2-1_amd64.buildinfo Checksums-Sha256: 2d363dcdac738fae308f592a225e062554b54216da7aca47d881683fe8f6fa90 2506 jackson-databind_2.13.2.2-1.dsc c25b021c193e7993e201604fa3da6f23572344e8d38ef72974badfbd8e5b800b 1065056 jackson-databind_2.13.2.2.orig.tar.xz 8f6639770f6019eb840d6875daf4b4933e9e347ac902871d01201082dbacb7d5 5460 jackson-databind_2.13.2.2-1.debian.tar.xz c5a146b60fc973703ac186b584f597b22cb549607591a6c0af2016998e449df5 16517 jackson-databind_2.13.2.2-1_amd64.buildinfo Files: 0dd6db8e88d1f30de5ed2e9a29776fa6 2506 java optional jackson-databind_2.13.2.2-1.dsc e8d27c569f101f4bf8df605c62da531b 1065056 java optional jackson-databind_2.13.2.2.orig.tar.xz d403124377165097aa93ec7731a53b51 5460 java optional jackson-databind_2.13.2.2-1.debian.tar.xz 8c9fb32130cc7a492834e0074383f62f 16517 java optional jackson-databind_2.13.2.2-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmJtJtdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkPnEQAJXIi0Hm9kLoNQrjFOE2b53sMuflvHlHWa9p K3+TSzNE1KSZit+geZi0OqGGiqZP/ox1KCMsDDrvmSDmV3pFqm/mAu4DBtf79IYr LJg7w84G7D/Kw8b5gM0QOQr3PgEG1mANennWPHM2mkdASpd/GvQZP2tX8NJb2Dyd E/dLj8k6esxODYaeT7JP+XgybEZ0OwyJJKzTEEh+nhLz0d3bQNCJ0QPqSsQXLjSg To1jJHaJgbbbOJXsCq3+FkBUJ5Nd2DzDU9x7Y1iw/A2VhYmchiO1zC4bJ9DSFoRT 32lnrLSimybdlovXM5OI6UBqnw+bx38tb95V9FKKDNJHRtkX2lfQZAD5Uc+7KRUR LTEwkB1X7hkE3U69txH9rbZA8BhIJv1sVzNlT9xoHH40xM55lLzij8RdU8w8Ttfp QtI9y+xi456k49eAGIjIFjRsDi6TNDZ7LUk2t2jjv2ge2ZXD46NKytgCT1UM+OcH sejj48JWYLMPsgP+AsOBPY6KygSLizk9Rv2XIgioufyhBNTX+taBOV5kBB3/Hy2b bCao+LI0ikx8y7jkCYYcwcPApUtwWFxUwbeI7tTe6VSsNKMP/MqQlhNso+T+gcuf zxTubbvBFXcDHEC5WymIIU111Hgshh705B2QHA1Ff5QCPbY7HKoe0nVnEjEHB+4O yjaSdJX3 =NT52 -----END PGP SIGNATURE-----
