yajl 2.1.0-3ubuntu0.22.04.1 source package in Ubuntu
Changelog
yajl (2.1.0-3ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: buffer overread in yajl_string_decode function
- debian/patches/CVE-2017-16516.patch: don't advance our end pointer until
we've checked we have enough buffer left and that the unicode escape is
approaching.
- CVE-2017-16516
* SECURITY UPDATE: integer overflow leading to heap memory corruption when
processing large (~2GB) inputs
- debian/patches/CVE-2022-24795.patch: catch integer overflow and
terminate the process with abort().
- CVE-2022-24795
* SECURITY UPDATE: memory leak in yajl_tree_parse function
- debian/patches/CVE-2023-33460.patch: fix memory leak problems by
releasing requested memory in time.
- CVE-2023-33460
-- Fabian Toepfer <email address hidden> Thu, 14 Dec 2023 14:06:32 +0100
Upload details
- Uploaded by:
- Fabian Toepfer
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | updates | main | libs | |
| Jammy | security | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| yajl_2.1.0.orig.tar.gz | 82.0 KiB | 3fb73364a5a30efe615046d07e6db9d09fd2b41c763c5f7d3bfb121cd5c5ac5a |
| yajl_2.1.0-3ubuntu0.22.04.1.debian.tar.xz | 7.1 KiB | f099717e58ba02967d789e516e3d8c3529fcf77d5d8267ebee7b3fce46d26313 |
| yajl_2.1.0-3ubuntu0.22.04.1.dsc | 2.1 KiB | d2c3f2e9df2e95549ca6d2dd73c8929a0070d8f3e03aee036f165eefb8de921e |
Available diffs
Binary packages built by this source
- libyajl-dev: Yet Another JSON Library - development files
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
.
This package contains the header files and static libraries needed for
compiling software that uses the yajl library.
- libyajl-doc: Yet Another JSON Library - library documentation
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
.
This package contains the API documentation.
- libyajl2: Yet Another JSON Library
A small, fast library for parsing JavaScript Object Notation (JSON). It
supports incremental parsing from a stream and leaves data representation to
higher level code.
- libyajl2-dbgsym: debug symbols for libyajl2
- yajl-tools: Yet Another JSON Library - tools
A small collection of tools that use the yajl library.
.
Current tools are:
json_reformat - beautifies or minimizes format of JSON data
json_verify - validates JSON data
- yajl-tools-dbgsym: debug symbols for yajl-tools
