packages/jackson-databind
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
jackson-databind/CVE-2021-20190.patch
wang_yue111 a9990537ad fix CVE-2021-20190
2021-01-27 16:22:22 +08:00

24 lines
1.1 KiB
Diff
Raw Blame History

From 7dbf51bf78d157098074a20bd9da39bd48c18e4a Mon Sep 17 00:00:00 2001
From: Tatu Saloranta <tatu.saloranta@iki.fi>
Date: Thu, 17 Sep 2020 20:11:25 -0700
Subject: [PATCH] Fix #2854
---
.../jackson/databind/jsontype/impl/SubTypeValidator.java | 3 ++-
diff --git a/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java b/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
index dc706429cf..a8b5cb1ba3 100644
--- a/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
+++ b/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
@@ -143,8 +143,9 @@
// [databind#2814]: anteros-dbcp
s.add("br.com.anteros.dbcp.AnterosDBCPDataSource");
- // [databind#2642]: javax.swing (jdk)
+ // [databind#2642][databind#2854]: javax.swing (jdk)
s.add("javax.swing.JEditorPane");
+ s.add("javax.swing.JTextPane");
// [databind#2648], [databind#2653]: shire-core
s.add("org.apache.shiro.realm.jndi.JndiRealmFactory");
Reference in New Issue View Git Blame Copy Permalink