[ubuntu/focal-proposed] whoopsie 0.2.67 (Accepted)
Tiago Stürmer Daitx
tiago.daitx at ubuntu.com
Wed Oct 30 04:37:17 UTC 2019
whoopsie (0.2.67) focal; urgency=medium
* SECURITY UPDATE: Integer overflow when handling large bson
objects (LP: #1830865)
- lib/bson/bson.c, lib/bson/bson.h, src/whoopsie.c: use size_t
for size instead of int to prevent integer overflows.
- lib/bson/bson.c: ensure bson objects are not bigger than INT_MAX.
- CVE-2019-11484
* src/whoopsie.c: prevent freeing a NULL server response string.
Date: Wed, 30 Oct 2019 04:35:24 +0000
Changed-By: Tiago Stürmer Daitx <tiago.daitx at ubuntu.com>
Maintainer: Evan Dandrea <ev at ubuntu.com>
https://launchpad.net/ubuntu/+source/whoopsie/0.2.67
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 30 Oct 2019 04:35:24 +0000
Source: whoopsie
Architecture: source
Version: 0.2.67
Distribution: focal
Urgency: medium
Maintainer: Evan Dandrea <ev at ubuntu.com>
Changed-By: Tiago Stürmer Daitx <tiago.daitx at ubuntu.com>
Launchpad-Bugs-Fixed: 1830865
Changes:
whoopsie (0.2.67) focal; urgency=medium
.
* SECURITY UPDATE: Integer overflow when handling large bson
objects (LP: #1830865)
- lib/bson/bson.c, lib/bson/bson.h, src/whoopsie.c: use size_t
for size instead of int to prevent integer overflows.
- lib/bson/bson.c: ensure bson objects are not bigger than INT_MAX.
- CVE-2019-11484
* src/whoopsie.c: prevent freeing a NULL server response string.
Checksums-Sha1:
2b2545b6ecf29b3d02492425b65b3503bc840fb7 1820 whoopsie_0.2.67.dsc
803d035772656f9b45744ae1596f0c9712cb0e0b 62292 whoopsie_0.2.67.tar.xz
974f79dc76736d2df3c2b1f6e76a6898d98d7c94 7636 whoopsie_0.2.67_source.buildinfo
Checksums-Sha256:
27ad3453cd645c3471879833aa29a67bc5891f9e7279769f0ad188fb8e56a509 1820 whoopsie_0.2.67.dsc
30481b5002659234343908e7304744bb3d8f18699fd283a4c8ae94a7eea99291 62292 whoopsie_0.2.67.tar.xz
3699a73266c8588072fcc7183c57b4221d69eb866f1b986ca57fe0ef94ef07ab 7636 whoopsie_0.2.67_source.buildinfo
Files:
788095c692f466b9c081bde2350eeceb 1820 utils optional whoopsie_0.2.67.dsc
f89a2359397e7ef2ec50e6abf8fb08b9 62292 utils optional whoopsie_0.2.67.tar.xz
e2d0aca4d47f705235447889c315b576 7636 utils optional whoopsie_0.2.67_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJLBAEBCgA1FiEE+JEitvb+Hru9UiZmnDJEJjvUHeAFAl25EzMXHHRpYWdvLmRh
aXR4QHVidW50dS5jb20ACgkQnDJEJjvUHeC8XhAAjSMjE00cNEU/JilsDbVAet4e
wsuPLmKxqyQRor3cuJt9y8ACftbDulnssYkF0xbRVjEu694FwAyPXA8UZiZUEjOz
ULL5fUesz804A97C7WgVHhSLUP7GUChditHwFRXDmB4apnK9ap9yQGiL3mYt4c3V
CCmVeHBHQxNc0/LSh1TwNNkQOX0h8TbqH/cRvt4qEfxwJ/DUghX7hbNLxVPaxd20
nkfMbze2rSa3JFVKmOfsJ/pbTKhuIIfjfsTdrsPlU4GJAws2k9YnwZTUjhBgYC/U
H0YTZpwjIZr7tZIkGihbNnH0Ro+UenbdwCYQDtTlZUv182uiuTEqmEthfrbUXtIx
D9nJiEef6wW/EJp+/A/YQtlbzmSdMzmtZaZpLf0JUp6OvWnvyBXEujjmAqIch1N2
m1EUQinXJDi+2oZPs0dZlDkoagVWXXQQjrgqN1zpoRwKQ65NLAflc+JmAS3lWHUR
YYhIyBVqxZr2BwTZycu/F4Ji7Cv321sPyQsJULQhpa8pNdce39OvYZoDxppq0NfL
NCHQFKfxf5MjPFtII74AqZfdL0eFLQv0zD26PQcdtW9Y2y9WVKDMdFVIPSrgLacY
Tyc8UX5pJQAiBkmNV0ALtI07IdMxDpaE7CuzioLaijP6kwq/j0sSi7Cf+1SjJnJq
MzQu4pbQarqopukPOT0=
=UQRa
-----END PGP SIGNATURE-----
More information about the Focal-changes
mailing list