yajl 2.1.0-3ubuntu0.23.04.1 source package in Ubuntu
Changelog
yajl (2.1.0-3ubuntu0.23.04.1) lunar-security; urgency=medium * SECURITY UPDATE: buffer overread in yajl_string_decode function - debian/patches/CVE-2017-16516.patch: don't advance our end pointer until we've checked we have enough buffer left and that the unicode escape is approaching. - CVE-2017-16516 * SECURITY UPDATE: integer overflow leading to heap memory corruption when processing large (~2GB) inputs - debian/patches/CVE-2022-24795.patch: catch integer overflow and terminate the process with abort(). - CVE-2022-24795 * SECURITY UPDATE: memory leak in yajl_tree_parse function - debian/patches/CVE-2023-33460.patch: fix memory leak problems by releasing requested memory in time. - CVE-2023-33460 -- Fabian Toepfer <email address hidden> Thu, 14 Dec 2023 13:46:59 +0100
Upload details
- Uploaded by:
- Fabian Toepfer
- Uploaded to:
- Lunar
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Lunar | updates | main | libs | |
Lunar | security | main | libs |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
yajl_2.1.0.orig.tar.gz | 82.0 KiB | 3fb73364a5a30efe615046d07e6db9d09fd2b41c763c5f7d3bfb121cd5c5ac5a |
yajl_2.1.0-3ubuntu0.23.04.1.debian.tar.xz | 7.1 KiB | 32e295fcc387ec1614dcf6b3703b520adcb7e73efc4d28496d89c8a5eab599c7 |
yajl_2.1.0-3ubuntu0.23.04.1.dsc | 2.1 KiB | b9ad1ff672efa614dcb808f731c6281650994b35394a14e197264002b8243c39 |
Available diffs
Binary packages built by this source
- libyajl-dev: Yet Another JSON Library - development files
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
.
This package contains the header files and static libraries needed for
compiling software that uses the yajl library.
- libyajl-doc: Yet Another JSON Library - library documentation
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
.
This package contains the API documentation.
- libyajl2: Yet Another JSON Library
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
- libyajl2-dbgsym: debug symbols for libyajl2
- yajl-tools: Yet Another JSON Library - tools
A small collection of tools that use the yajl library.
.
Current tools are:
json_reformat - beautifies or minimizes format of JSON data
json_verify - validates JSON data
- yajl-tools-dbgsym: debug symbols for yajl-tools