File _service:tar_scm:CVE-2019-14379-CVE-2019-14439.... of Package jackson-databind

File _service:tar_scm:CVE-2019-14379-CVE-2019-14439.patch of Package jackson-databind

From ad418eeb974e357f2797aef64aa0e3ffaaa6125b Mon Sep 17 00:00:00 2001
From: Tatu Saloranta <tatu.saloranta@iki.fi>
Date: Thu, 25 Jul 2019 21:58:11 -0700
Subject: [PATCH] Backport #2387, #2389 fixes

---
 .../jackson/databind/jsontype/impl/SubTypeValidator.java    | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java b/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
index c4d7f3827..fa7ff2368 100644
--- a/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
+++ b/src/main/java/com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.java
@@ -90,6 +90,12 @@ public class SubTypeValidator
         s.add("org.jdom.transform.XSLTransformer");
         s.add("org.jdom2.transform.XSLTransformer");
 
+        // [databind#2387]: EHCache
+        s.add("net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup");
+
+        // [databind#2389]: logback/jndi
+        s.add("ch.qos.logback.core.db.JNDIConnectionSource");
+
         DEFAULT_NO_DESER_CLASS_NAMES = Collections.unmodifiableSet(s);
     }
 
-- 
2.23.0