https://bugzilla.redhat.com/show_bug.cgi?id=1725807
Joshua Padman jpadman@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=important,public=201 |impact=important,public=201 |90621,reported=20190625,sou |90621,reported=20190625,sou |rce=cve,cvss3=9.8/CVSS:3.0/ |rce=cve,cvss3=9.8/CVSS:3.0/ |AV:N/AC:L/PR:N/UI:N/S:U/C:H |AV:N/AC:L/PR:N/UI:N/S:U/C:H |/I:H/A:H,cwe=CWE-502,fedora |/I:H/A:H,cwe=CWE-502,fedora |-all/jackson-databind=affec |-all/jackson-databind=affec |ted,amq-6/jackson-databind= |ted,amq-6/jackson-databind= |new,amq-st/jackson-databind |new,amq-st/jackson-databind |=new,bpms-6/jackson-databin |=new,bpms-6/jackson-databin |d=affected,openstack-9/open |d=affected,openstack-9/open |daylight=new,openstack-10/o |daylight=new,openstack-10/o |pendaylight=new,openstack-1 |pendaylight=new,openstack-1 |3/opendaylight=new,openstac |3/opendaylight=notaffected, |k-14/opendaylight=new,rhsso |openstack-14/opendaylight=n |-7/jackson-databind=notaffe |otaffected,rhsso-7/jackson- |cted,vertx-3/jackson-databi |databind=notaffected,vertx- |nd=new,swarm-7/jackson-data |3/jackson-databind=new,swar |bind=new,rhel-8/pki-deps:10 |m-7/jackson-databind=new,rh |.6/jackson-databind=affecte |el-8/pki-deps:10.6/jackson- |d,rhn_satellite_6/jackson-d |databind=affected,rhn_satel |atabind=affected,rhscl-3/rh |lite_6/jackson-databind=aff |-maven35-jackson-databind=a |ected,rhscl-3/rh-maven35-ja |ffected,rhdm-7/jackson-data |ckson-databind=affected,rhd |bind=affected,rhpam-7/jacks |m-7/jackson-databind=affect |on-databind=affected,fuse-6 |ed,rhpam-7/jackson-databind |/jackson-databind=affected, |=affected,fuse-6/jackson-da |fuse-7/jackson-databind=aff |tabind=affected,fuse-7/jack |ected,eap-7/jackson-databin |son-databind=affected,eap-7 |d=new,rhmap-4/jackson-datab |/jackson-databind=new,rhmap |ind=notaffected,openshift-e |-4/jackson-databind=notaffe |nterprise-3.11/ose-logging- |cted,openshift-enterprise-3 |elasticsearch5=new,openshif |.11/ose-logging-elasticsear |t-enterprise-3.10/elasticse |ch5=new,openshift-enterpris |arch-cloud-kubernetes=new,o |e-3.10/elasticsearch-cloud- |penshift-enterprise-3.9/ela |kubernetes=new,openshift-en |sticsearch-cloud-kubernetes |terprise-3.9/elasticsearch- |=new,openshift-enterprise-3 |cloud-kubernetes=new,opensh |.7/elasticsearch-cloud-kube |ift-enterprise-3.7/elastics |rnetes=new,openshift-enterp |earch-cloud-kubernetes=new, |rise-3.6/elasticsearch-clou |openshift-enterprise-3.6/el |d-kubernetes=new,openshift- |asticsearch-cloud-kubernete |enterprise-3.10/openshift-e |s=new,openshift-enterprise- |lasticsearch-plugin=new,ope |3.10/openshift-elasticsearc |nshift-enterprise-3.9/opens |h-plugin=new,openshift-ente |hift-elasticsearch-plugin=n |rprise-3.9/openshift-elasti |ew,openshift-enterprise-3.7 |csearch-plugin=new,openshif |/openshift-elasticsearch-pl |t-enterprise-3.7/openshift- |ugin=new,openshift-enterpri |elasticsearch-plugin=new,op |se-3.6/openshift-elasticsea |enshift-enterprise-3.6/open |rch-plugin=new |shift-elasticsearch-plugin= | |new
--- Comment #7 from Joshua Padman jpadman@redhat.com --- OpenDaylight is not configured to use logback and does not contain the vulnerable classes in the classpath