• [SECURITY] [DSA 4741-1] json-c security update

    From Moritz Muehlenhoff@21:1/5 to All on Wed Aug 5 23:30:02 2020
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4741-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 05, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : json-c
    CVE ID : CVE-2020-12762

    Tobias Stoeckmann discovered an integer overflow in the json-c JSON
    library, which could result in denial of service or potentially the
    execution of arbitrary code if large malformed JSON files are processed.

    For the stable distribution (buster), this problem has been fixed in
    version 0.12.1+ds-2+deb10u1.

    We recommend that you upgrade your json-c packages.

    For the detailed security status of json-c please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/json-c

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8rIQAACgkQEMKTtsN8 Tja2AhAAnmUkzQY3bKccw3g1liPtB74YPg+um3Q3KVMbpKzMKpumq4PKwr1P/hW/ 6EWRfxgkzJbk9YZ8wDLkb/FospcMf0AMdCUqLXmyUwlBttBDgSq33301Fjl/Coz5 O0J3FWM+b8+ZoEKVDfAA/xS/TGsF0mKABL2hvws682gMHYTJ+oLuQp1d/xHQgXyY OsOq+oPjnZ7qqoZDtl99NANESTXkUUWmhwk8Urkc+NqBkYYyym86hr+o/7jk1o3f 2mTCQE5czCz7hfgkHsJSCBHJYKZYxML/WYaAwLqvI2ORuw0kxcpITsTD820TX7D1 Lv+4BFmiybCdkHL09k++vhz/NRZVc/ZGbhf5ciOu5anB+3akw3snh8OAhkUupFAx wvHJ8bsESCnnl/ZzWGrP2dsW4qrDTzY7x7fNINmcwS+DDOy3ySvPczi46AggbRyj +DodDfjvcRjAUOuDDopNVGvESckoemdM5W6MVYF6M9N/7njZBXW/MQ3jl3Dv/V0C EzV//6dXk36PPUW9UD2IQqSET6r4qw5KOMOgMin8ywYJyBOqm+JU/LCDEeJFr3P/ Pl5QXKibZWUuoU3QFlww+6UmCI1T8KVXiFnBZNTSnaFCTKhDeIV0ZvqKYz2nmvpK b4UqeR9P1cfOV4V4LvQbSNhEDvel1Zx5PtnYseiQUav9rdDlc3w=
    =y5YC
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)