[ubuntu/mantic-security] cjson 1.7.16-1ubuntu0.2 (Accepted)
Allen Huang
allen.huang at canonical.com
Thu May 23 12:50:46 UTC 2024
cjson (1.7.16-1ubuntu0.2) mantic-security; urgency=medium
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2023-50471-50472-1.patch: add NULL checks in
cJSON_InsertItemInArray and cJSON_SetValuestring.
- debian/patches/CVE-2023-50471-50472-2.patch: fix error in null
checkings
- CVE-2023-50471
- CVE-2023-50472
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2024-31755-1.patch: adds the NULL check of
valuestring before it is dereferenced.
- debian/patches/CVE-2024-31755-2.patch: update comments and add
tests for cJSON_SetValuestring.
- CVE-2024-31755
Date: 2024-05-23 09:57:15.947340+00:00
Changed-By: Allen Huang <allen.huang at canonical.com>
https://launchpad.net/ubuntu/+source/cjson/1.7.16-1ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list