Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Block one more gadget type (javax.swing, CVE-2020-20190) #2854

Closed
cowtowncoder opened this issue Sep 16, 2020 · 0 comments
Closed

Block one more gadget type (javax.swing, CVE-2020-20190) #2854

cowtowncoder opened this issue Sep 16, 2020 · 0 comments
Milestone
2.9.10.7

Comments

@cowtowncoder
Copy link
Member

cowtowncoder commented Sep 16, 2020
edited
Loading

Another gadget type(s) has been reported regarding a class(es) of JDK Swing.

See https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 for description of the general problem.

Mitre id: CVE-2021-20190 (see https://nvd.nist.gov/vuln/detail/CVE-2021-20190)
Reporter(s): Yangkun(ICSL)

Fix is be included in:
@cowtowncoder cowtowncoder added the to-evaluate Issue that has been received but not yet evaluated label Sep 16, 2020
@cowtowncoder cowtowncoder mentioned this issue Sep 16, 2020
Closed
@cowtowncoder cowtowncoder changed the title Block one more gadget type (JDK/Swing) Block one more gadget type (javax.swing, CVE-2020-xxx) Sep 18, 2020
@cowtowncoder cowtowncoder removed the to-evaluate Issue that has been received but not yet evaluated label Sep 18, 2020
@cowtowncoder cowtowncoder added this to the 2.9.10.7 milestone Sep 18, 2020
cowtowncoder added a commit that referenced this issue Sep 18, 2020
@cowtowncoder
Fix #2854
7dbf51b
qxo added a commit to qxo/jackson-databind that referenced this issue Sep 21, 2020
@qxo
fix: merge fix from 2.9 branch FasterXML#2653 FasterXML#2658 FasterXM…
7e70e8e 
…L#2659 FasterXML#2660 FasterXML#2662 FasterXML#2664 FasterXML#2666 FasterXML#2670 FasterXML#2680 FasterXML#2682 FasterXML#2688 FasterXML#2698 FasterXML#2704 FasterXML#2765 FasterXML#2798 FasterXML#2814 FasterXML#2826 FasterXML#2827 FasterXML#2854

1. generated diff CVE diff
git diff ad5a630 -- src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java

2. cleanup the diff ,just remain the CVE change

3. apply the diff

4. check and make sure only commit the AutoType CVE change.

```
PR_LIST=$(git log1 -n 17 ad5a630 -- src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java | awk -F'[ ,]+' '{for(i=1;i<=NF;i++){a=$(i);if(match(a,/#[0-9]+/)){print a;}}}' | sort | uniq);echo "$PR_LIST" | wc -l
echo $PR_LIST
```
@qxo qxo mentioned this issue Sep 21, 2020
Merged
cowtowncoder pushed a commit that referenced this issue Sep 22, 2020
@qxo
fix: merge fix from 2.9 branch #2653 #2658 #2659 #2660 #2662 #2664 #2666
08fbfac 
 #2670 #2680 #2682 #2688 #2698 #2704 #2765 #2798 #2814 #2826 #2827 #2854 (#2858)

1. generated diff CVE diff
git diff ad5a630 -- src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java

2. cleanup the diff ,just remain the CVE change

3. apply the diff

4. check and make sure only commit the AutoType CVE change.

```
PR_LIST=$(git log1 -n 17 ad5a630 -- src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java | awk -F'[ ,]+' '{for(i=1;i<=NF;i++){a=$(i);if(match(a,/#[0-9]+/)){print a;}}}' | sort | uniq);echo "$PR_LIST" | wc -l
echo $PR_LIST
```
cowtowncoder added a commit that referenced this issue Jan 20, 2021
@cowtowncoder
add cve id for #2854
8c9c75a
This was referenced Jan 23, 2021
Open
Open
Open
This was referenced Jan 23, 2021
Closed
Closed
Open
This was referenced Jan 24, 2021
Closed
Open
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Jan 27, 2021
Open
This was referenced Jan 28, 2021
Open
Open
Open
This was referenced Jan 28, 2021
Closed
Closed
@mend-for-github-com mend-for-github-com bot mentioned this issue Feb 2, 2021
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Feb 2, 2021
Open
This was referenced Feb 5, 2021
Closed
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Mar 11, 2022
Closed
This was referenced Mar 12, 2022
Closed
Closed
This was referenced Mar 14, 2022
Open
Open
Open
Open
Closed
Open
Closed
This was referenced Mar 14, 2022
Closed
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue Mar 22, 2022
Open
This was referenced Mar 31, 2022
Closed
Open
This was referenced May 10, 2022
Open
Open
@mend-bolt-for-github mend-bolt-for-github bot mentioned this issue May 31, 2022
Closed
This was referenced May 31, 2022
Closed
Closed
Closed
@scott-cx scott-cx mentioned this issue Aug 1, 2022
Open
@cxronen cxronen mentioned this issue Sep 20, 2022
Open
@margaritalm margaritalm mentioned this issue Dec 25, 2022
Open
@cowtowncoder cowtowncoder changed the title Block one more gadget type (javax.swing, CVE-2020-xxx) Block one more gadget type (javax.swing, CVE-2020-20190) Jan 12, 2023
@ytang1-godaddy ytang1-godaddy mentioned this issue Feb 6, 2023
Open
This was referenced Feb 15, 2023
Open
Open
@cxronen cxronen mentioned this issue May 25, 2023
Open
@sharonbz sharonbz mentioned this issue Aug 7, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.9.10.7
Development

No branches or pull requests
1 participant
@cowtowncoder