yajl 2.1.0-3ubuntu0.20.04.1 source package in Ubuntu
Changelog
yajl (2.1.0-3ubuntu0.20.04.1) focal-security; urgency=medium * SECURITY UPDATE: buffer overread in yajl_string_decode function - debian/patches/CVE-2017-16516.patch: don't advance our end pointer until we've checked we have enough buffer left and that the unicode escape is approaching. - CVE-2017-16516 * SECURITY UPDATE: integer overflow leading to heap memory corruption when processing large (~2GB) inputs - debian/patches/CVE-2022-24795.patch: catch integer overflow and terminate the process with abort(). - CVE-2022-24795 * SECURITY UPDATE: memory leak in yajl_tree_parse function - debian/patches/CVE-2023-33460.patch: fix memory leak problems by releasing requested memory in time. - CVE-2023-33460 -- Fabian Toepfer <email address hidden> Thu, 14 Dec 2023 14:06:36 +0100
Upload details
- Uploaded by:
- Fabian Toepfer
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Focal | updates | main | libs | |
Focal | security | main | libs |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
yajl_2.1.0.orig.tar.gz | 82.0 KiB | 3fb73364a5a30efe615046d07e6db9d09fd2b41c763c5f7d3bfb121cd5c5ac5a |
yajl_2.1.0-3ubuntu0.20.04.1.debian.tar.xz | 6.9 KiB | e64f63dadbcf6b40a311cf52ace82b94325c06900c855c4b7f74f8eef7ef2456 |
yajl_2.1.0-3ubuntu0.20.04.1.dsc | 2.1 KiB | 37b074da6e999ce4c2d6408211e3c9cc69cde6b872e2b2fb8d0377dcd260ad90 |
Available diffs
Binary packages built by this source
- libyajl-dev: Yet Another JSON Library - development files
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
.
This package contains the header files and static libraries needed for
compiling software that uses the yajl library.
- libyajl-doc: Yet Another JSON Library - library documentation
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
.
This package contains the API documentation.
- libyajl2: Yet Another JSON Library
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
- libyajl2-dbgsym: debug symbols for libyajl2
- yajl-tools: Yet Another JSON Library - tools
A small collection of tools that use the yajl library.
.
Current tools are:
json_reformat - beautifies or minimizes format of JSON data
json_verify - validates JSON data
- yajl-tools-dbgsym: debug symbols for yajl-tools