Debian Package Tracker
Register | Log in
Subscribe

jackson-databind

fast and powerful JSON library for Java -- data binding

Choose email to subscribe with

general
  • source: jackson-databind (main)
  • version: 2.14.0-1
  • maintainer: Debian Java Maintainers (archive) (DMD)
  • uploaders: Markus Koschany [DMD]
  • arch: all
  • std-ver: 4.6.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.8.6-1+deb9u7
  • o-o-sec: 2.8.6-1+deb9u10
  • oldstable: 2.9.8-3+deb10u3
  • old-sec: 2.9.8-3+deb10u4
  • stable: 2.12.1-1
  • stable-sec: 2.12.1-1+deb11u1
  • testing: 2.14.0-1
  • unstable: 2.14.0-1
versioned links
  • 2.8.6-1+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.8.6-1+deb9u10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.8-3+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.9.8-3+deb10u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.12.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.12.1-1+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.14.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libjackson2-databind-java
action needed
A new upstream version is available: 2.14.2 high
A new upstream version 2.14.2 is available, you should consider packaging it.
Created: 2022-11-24 Last update: 2023-03-27 22:37
1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:
  • CVE-2021-46877: jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
Created: 2023-03-19 Last update: 2023-03-27 11:06
Depends on packages which need a new maintainer normal
The packages that jackson-databind depends on which need a new maintainer are:
  • xmlstarlet (#1015848)
    • Build-Depends: xmlstarlet
Created: 2022-07-22 Last update: 2023-03-27 21:33
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2022-11-13 Last update: 2023-02-03 01:38
1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:
  • CVE-2021-46877: (needs triaging) jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-03-19 Last update: 2023-03-27 11:06
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).
Created: 2022-12-17 Last update: 2022-12-17 19:18
news
[rss feed]
  • [2022-11-27] Accepted jackson-databind 2.9.8-3+deb10u4 (source) into oldstable (Markus Koschany)
  • [2022-11-19] Accepted jackson-databind 2.12.1-1+deb11u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
  • [2022-11-18] jackson-databind 2.14.0-1 MIGRATED to testing (Debian testing watch)
  • [2022-11-17] Accepted jackson-databind 2.12.1-1+deb11u1 (source) into stable-security (Debian FTP Masters) (signed by: Markus Koschany)
  • [2022-11-12] Accepted jackson-databind 2.14.0-1 (source) into unstable (Markus Koschany)
  • [2022-05-05] jackson-databind 2.13.2.2-1 MIGRATED to testing (Debian testing watch)
  • [2022-05-02] Accepted jackson-databind 2.8.6-1+deb9u10 (source) into oldoldstable (Markus Koschany)
  • [2022-04-30] Accepted jackson-databind 2.13.2.2-1 (source) into unstable (Markus Koschany)
  • [2021-11-09] jackson-databind 2.13.0-2 MIGRATED to testing (Debian testing watch)
  • [2021-11-04] Accepted jackson-databind 2.13.0-2 (source) into unstable (Markus Koschany)
  • [2021-10-22] Accepted jackson-databind 2.13.0-1 (source) into unstable (Markus Koschany)
  • [2021-09-12] jackson-databind 2.12.5-1 MIGRATED to testing (Debian testing watch)
  • [2021-09-07] Accepted jackson-databind 2.12.5-1 (source) into unstable (Markus Koschany)
  • [2021-05-03] Accepted jackson-databind 2.9.8-3+deb10u3 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Utkarsh Gupta)
  • [2021-04-24] Accepted jackson-databind 2.8.6-1+deb9u9 (source) into oldstable (Utkarsh Gupta)
  • [2021-01-23] jackson-databind 2.12.1-1 MIGRATED to testing (Debian testing watch)
  • [2021-01-17] Accepted jackson-databind 2.12.1-1 (source) into unstable (Emmanuel Bourg)
  • [2020-10-14] Accepted jackson-databind 2.8.6-1+deb9u8 (source all) into oldstable (Chris Lamb)
  • [2020-07-15] jackson-databind 2.11.1-1 MIGRATED to testing (Debian testing watch)
  • [2020-07-09] Accepted jackson-databind 2.9.8-3+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
  • [2020-07-09] Accepted jackson-databind 2.8.6-1+deb9u7 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Markus Koschany)
  • [2020-07-09] Accepted jackson-databind 2.11.1-1 (source) into unstable (Markus Koschany)
  • [2020-07-01] Accepted jackson-databind 2.4.2-2+deb8u15 (source all) into oldoldstable (Utkarsh Gupta)
  • [2020-04-17] Accepted jackson-databind 2.4.2-2+deb8u14 (source all) into oldoldstable (Utkarsh Gupta)
  • [2020-03-21] Accepted jackson-databind 2.4.2-2+deb8u13 (source all) into oldoldstable (Utkarsh Gupta)
  • [2020-03-05] Accepted jackson-databind 2.4.2-2+deb8u12 (source all) into oldoldstable (Utkarsh Gupta)
  • [2020-02-21] jackson-databind 2.10.2-1 MIGRATED to testing (Debian testing watch)
  • [2020-02-20] Accepted jackson-databind 2.4.2-2+deb8u11 (source all) into oldoldstable (Emilio Pozuelo Monfort)
  • [2020-02-16] Accepted jackson-databind 2.10.2-1 (source) into unstable (Markus Koschany)
  • [2019-12-21] jackson-databind 2.10.1-1 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 1
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debian patches
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.14.0-1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing