UbuntuUpdates.org

Package "whoopsie"

Name: whoopsie

Description:

Ubuntu error tracker submission

Latest version: 0.2.69ubuntu0.1
Release: focal (20.04)
Level: updates
Repository: main
Homepage: http://wiki.ubuntu.com/ErrorTracker

Links


Download "whoopsie"


Other versions of "whoopsie" in Focal

Repository Area Version
base main 0.2.69
security main 0.2.69ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.2.69ubuntu0.1 2020-08-04 20:06:42 UTC

  whoopsie (0.2.69ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: integer overflow in bson parsing (LP: #1872560)
    - lib/bson/*: updated to latest upstream release.
    - CVE-2020-12135
  * SECURITY UPDATE: resource exhaustion via memory leak (LP: #1881982)
    - src/whoopsie.c, src/tests/test_parse_report.c: properly handle
      GHashTable.
    - CVE-2020-11937
  * SECURITY UPDATE: DoS via large data length (LP: #1882180)
    - src/whoopsie.c, src/whoopsie.h, src/tests/test_parse_report.c: limit
      the size of a report file.
    - CVE-2020-15570

 -- Marc Deslauriers <email address hidden> Fri, 24 Jul 2020 08:55:26 -0400

1872560 integer overflow in whoopsie 0.2.69
1881982 DoS vulnerability: cause resource exhaustion
1882180 DoS vulnerability: fail to allocate
CVE-2020-12135 bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() par
CVE-2020-11937 RESERVED
CVE-2020-15570 The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denia



About   -   Send Feedback to @ubuntu_updates