Gitiles
Code Review Sign In
gerrit.nordix.org / onap / doc / feb4e31e26dba48c39ed67961ac5058e44ecfec7
commitfeb4e31e26dba48c39ed67961ac5058e44ecfec7[log] [tgz]
authorThomas Nelson (arthurdent3) <nelson24@att.com>Tue Sep 17 11:10:11 2019 -0400
committerGerrit Code Review <gerrit@onap.org>Tue Sep 17 15:10:11 2019 +0000
treee385fd5e234c6c951f9702eaf7e90173216a5d8d
parentda100daf74fea2e5e53e19597c9e3555b8bbb699 [diff]
Update git submodules

* Update docs/submodules/music.git from branch 'master'
  to 5a742d9e9dce7c3da9ba193d61f0505e7cc57ec5
  - Jackson Faster-xml vulnerability.
    
    CVE-2019-14439 Information Disclosure Vulnerability
    
    FasterXML Jackson-databind is prone to an information-disclosure
    vulnerability that occurs due to a polymorphic typing issue.
    Specifically, this issue occurs when an externally exposed JSON endpoint
    has default typing enabled and has logback jar in the classpath.
    
    An attacker can exploit this issue to obtain sensitive information that
    may aid in further attacks.
    
    Issue-ID: MUSIC-504
    Signed-off-by: Thomas Nelson (arthurdent3) <nelson24@att.com>
    Signed-off-by: Thomas Nelson (arthurdent3) <nelson24@att.com>
    Change-Id: I2c31986ff2d792d482f84406e96c47dbf652f32f
1 file changed
tree: e385fd5e234c6c951f9702eaf7e90173216a5d8d
  1. docs/
  2. etc/
  3. shell/
  4. .gitignore
  5. .gitmodules
  6. .gitreview
  7. INFO.yaml
  8. LICENSE
  9. readthedocs.yml
  10. tox.ini