[ubuntu/utopic-proposed] json-c 0.11-4ubuntu1 (Accepted)
Dimitri John Ledkov
xnox at ubuntu.com
Sat Apr 26 05:27:15 UTC 2014
json-c (0.11-4ubuntu1) utopic; urgency=medium
* SECURITY UPDATE: denial of service via hash collision (LP: #1311397)
- debian/patches/0001-Patch-to-address-the-following-issues.patch:
Upstream patch to enable hash randomization.
- CVE-2013-6371
* SECURITY UPDATE: denial of service via buffer overflow (LP: #1311397)
- debian/patches/0001-Patch-to-address-the-following-issues.patch:
Upstream patch to guard against negative and maximum buffer sizes.
- CVE-2013-6370
json-c (0.11-4) unstable; urgency=low
* Add upstream patch to fix two security vulnerabilities (Closes: #744008)
+ [CVE-2013-6371]: hash collision denial of service
+ [CVE-2013-6370]: buffer overflow if size_t is larger than int
Date: Wed, 23 Apr 2014 01:12:44 +0100
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/utopic/+source/json-c/0.11-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 23 Apr 2014 01:12:44 +0100
Source: json-c
Binary: libjson-c2 libjson-c-dev libjson-c2-dbg libjson-c-doc libjson0-dev libjson0
Architecture: source
Version: 0.11-4ubuntu1
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Description:
libjson-c-dev - JSON manipulation library - development files
libjson-c-doc - JSON manipulation library - documentation files
libjson-c2 - JSON manipulation library - shared library
libjson-c2-dbg - JSON manipulation library - debug symbols
libjson0 - JSON manipulation library (transitional package)
libjson0-dev - JSON manipulation library (transitional package)
Closes: 744008
Launchpad-Bugs-Fixed: 1311397
Changes:
json-c (0.11-4ubuntu1) utopic; urgency=medium
.
* SECURITY UPDATE: denial of service via hash collision (LP: #1311397)
- debian/patches/0001-Patch-to-address-the-following-issues.patch:
Upstream patch to enable hash randomization.
- CVE-2013-6371
* SECURITY UPDATE: denial of service via buffer overflow (LP: #1311397)
- debian/patches/0001-Patch-to-address-the-following-issues.patch:
Upstream patch to guard against negative and maximum buffer sizes.
- CVE-2013-6370
.
json-c (0.11-4) unstable; urgency=low
.
* Add upstream patch to fix two security vulnerabilities (Closes: #744008)
+ [CVE-2013-6371]: hash collision denial of service
+ [CVE-2013-6370]: buffer overflow if size_t is larger than int
Checksums-Sha1:
bde0e4257af247238a9b3ccbb56167eb1473a89b 2229 json-c_0.11-4ubuntu1.dsc
5719cc11c8b2586858deac18e74ff021f9538357 398647 json-c_0.11-4ubuntu1.debian.tar.gz
Checksums-Sha256:
5c645138ee35953d78747cc44c47da028abc7710e977f93b6a845b3930a1e6e4 2229 json-c_0.11-4ubuntu1.dsc
7ac3c430a22173ad742289716a2e4e5d347dfb6135fcb74e32df6a77478be712 398647 json-c_0.11-4ubuntu1.debian.tar.gz
Files:
a9b55ef5075dcc0395bfce61786dac46 2229 libs extra json-c_0.11-4ubuntu1.dsc
8b5ce48fae5cdec9309a27426c4f1046 398647 libs extra json-c_0.11-4ubuntu1.debian.tar.gz
Original-Maintainer: fabien boucher <fabien.dot.boucher at gmail.com>
More information about the Utopic-changes
mailing list