https://bugzilla.redhat.com/show_bug.cgi?id=1725807 Bug 1725807 depends on bug 1725808, which changed state.
Bug 1725808 Summary: CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1725808
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA