A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.9.2-3+deb8u1build0.14.04.1~esm1", "binary_name": "libjackson-json-java" }, { "binary_version": "1.9.2-3+deb8u1build0.14.04.1~esm1", "binary_name": "libjackson-json-java-doc" } ] }