UbuntuUpdates.org

Package "json-c"

Name: json-c

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • JSON manipulation library - development files
  • JSON manipulation library - documentation files
  • JSON manipulation library - shared library
  • JSON manipulation library - debug symbols

Latest version: 0.11-3ubuntu1.2
Release: trusty (14.04)
Level: updates
Repository: main

Links



Other versions of "json-c" in Trusty

Repository Area Version
base main 0.11-3ubuntu1
security main 0.11-3ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.11-3ubuntu1.2 2014-06-12 18:06:47 UTC

  json-c (0.11-3ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via buffer overflow (LP: #1311397)
    - debian/patches/CVE-2013-6370.patch: check lengths and add warnings to
      json_tokener.*.
    - CVE-2013-6370
  * SECURITY UPDATE: denial of service via hash collision (LP: #1311397)
    - debian/patches/CVE-2013-6371.patch: added better random seed and hash
      functions to Makefile.am, config.h.in, linkhash.c, random_seed.*,
      configure.in.
    - debian/libjson-c2.symbols: added new symbol.
    - CVE-2013-6371
 -- Marc Deslauriers <email address hidden> Tue, 03 Jun 2014 15:07:35 -0400

1311397 json-c: CVE-2013-6370 CVE-2013-6371
CVE-2013-6370 Buffer overflow in the printbuf APIs in json-c before 0.12 allows ...
CVE-2013-6371 The hash functionality in json-c before 0.12 allows context-dependent ...



About   -   Send Feedback to @ubuntu_updates