Package "cjson"
Name: |
cjson
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Ultralightweight JSON parser in ANSI C (development files)
- Ultralightweight JSON parser in ANSI C
|
Latest version: |
1.7.16-1ubuntu0.2 |
Release: |
mantic (23.10) |
Level: |
updates |
Repository: |
universe |
Links
Other versions of "cjson" in Mantic
Packages in group
Deleted packages are displayed in grey.
Changelog
cjson (1.7.16-1ubuntu0.2) mantic-security; urgency=medium
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2023-50471-50472-1.patch: add NULL checks in
cJSON_InsertItemInArray and cJSON_SetValuestring.
- debian/patches/CVE-2023-50471-50472-2.patch: fix error in null
checkings
- CVE-2023-50471
- CVE-2023-50472
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2024-31755-1.patch: adds the NULL check of
valuestring before it is dereferenced.
- debian/patches/CVE-2024-31755-2.patch: update comments and add
tests for cJSON_SetValuestring.
- CVE-2024-31755
-- Allen Huang <email address hidden> Tue, 21 May 2024 16:44:05 +0100
|
CVE-2023-50471 |
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. |
CVE-2023-50472 |
cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. |
CVE-2024-31755 |
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at |
|
About
-
Send Feedback to @ubuntu_updates