[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#960326: json-c: CVE-2020-12762

Hi,

On Fri, May 15, 2020 at 10:19:42PM +0200, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Mon, May 11, 2020 at 09:55:12PM +0200, Salvatore Bonaccorso wrote:
> > Source: json-c
> > Version: 0.13.1+dfsg-7
> > Severity: important
> > Tags: security upstream
> > Forwarded: https://github.com/json-c/json-c/pull/592
> > 
> > Hi,
> > 
> > The following vulnerability was published for json-c.
> > 
> > CVE-2020-12762[0]:
> > | json-c through 0.14 has an integer overflow and out-of-bounds write
> > | via a large JSON file, as demonstrated by printbuf_memappend.
> 
> The upstream fix introduces a regression, see in particular
> https://github.com/json-c/json-c/issues/599 .
> 
> FWIW, Ubuntu has as well reverted the fix, pending further
> investigation as per https://usn.ubuntu.com/4360-2/ 

Backports for other branches (as squashed commits for all those
needed):

https://github.com/json-c/json-c/pull/608

Regards,
Salvatore
Reply to: