Package "libjson-c2"

Name: libjson-c2


JSON manipulation library - shared library

Latest version: 0.11-3ubuntu1.2
Release: trusty (14.04)
Level: security
Repository: main
Head package: json-c
Homepage: https://github.com/json-c/json-c/wiki


Download "libjson-c2"

Other versions of "libjson-c2" in Trusty

Repository Area Version
base main 0.11-3ubuntu1
updates main 0.11-3ubuntu1.2


Version: 0.11-3ubuntu1.2 2014-06-12 17:06:48 UTC

  json-c (0.11-3ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow (LP: #1311397)
    - debian/patches/CVE-2013-6370.patch: check lengths and add warnings to
    - CVE-2013-6370
  * SECURITY UPDATE: denial of service via hash collision (LP: #1311397)
    - debian/patches/CVE-2013-6371.patch: added better random seed and hash
      functions to Makefile.am, config.h.in, linkhash.c, random_seed.*,
    - debian/libjson-c2.symbols: added new symbol.
    - CVE-2013-6371
 -- Marc Deslauriers <email address hidden> Tue, 03 Jun 2014 15:07:35 -0400

1311397 json-c: CVE-2013-6370 CVE-2013-6371
CVE-2013-6370 Buffer overflow in the printbuf APIs in json-c before 0.12 allows ...
CVE-2013-6371 The hash functionality in json-c before 0.12 allows context-dependent ...

About   -   Send Feedback to @ubuntu_updates