UbuntuUpdates.org

Package "libjson0-dev"

Name: libjson0-dev

Description:

JSON manipulation library - development files

Latest version: 0.9-1ubuntu1.4
Release: precise (12.04)
Level: updates
Repository: main
Head package: json-c
Homepage: http://oss.metaparadigm.com/json-c/

Links


Download "libjson0-dev"


Other versions of "libjson0-dev" in Precise

Repository Area Version
base main 0.9-1ubuntu1
security main 0.9-1ubuntu1.4

Changelog

Version: 0.9-1ubuntu1.4 2021-05-03 15:06:26 UTC

  json-c (0.9-1ubuntu1.4) precise-security; urgency=medium

  * SECURITY UPDATE: Integer overflows
    - debian/patches/CVE-2020-12762-*.patch: fix a series of
      integer overflows adding checks in linkhash.c, printbuf.c,
      also adds the fix for the INT_MAX regression caused in
      previous update.
    - CVE-2020-12762

 -- <email address hidden> (Leonidas S. Barbosa) Wed, 27 May 2020 11:26:22 -0300

Source diff to previous version
CVE-2020-12762 json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

Version: 0.9-1ubuntu1.1 2014-06-12 18:06:43 UTC

  json-c (0.9-1ubuntu1.1) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow (LP: #1311397)
    - debian/patches/CVE-2013-6370.patch: check lengths and add warnings to
      json_tokener.*.
    - CVE-2013-6370
  * SECURITY UPDATE: denial of service via hash collision (LP: #1311397)
    - debian/patches/CVE-2013-6371.patch: added better random seed and hash
      functions to Makefile.am, config.h.in, linkhash.c, random_seed.*,
      configure.in.
    - debian/{control,rules}: build with autoreconf
    - CVE-2013-6371
 -- Marc Deslauriers <email address hidden> Tue, 03 Jun 2014 15:22:22 -0400

1311397 json-c: CVE-2013-6370 CVE-2013-6371
CVE-2013-6370 Buffer overflow in the printbuf APIs in json-c before 0.12 allows ...
CVE-2013-6371 The hash functionality in json-c before 0.12 allows context-dependent ...



About   -   Send Feedback to @ubuntu_updates