CVE-2020-12762: json-c

  • Done
  • quality assurance status badge
Details
3 participants
  • Lars-Dominik Braun
  • Ludovic Courtès
  • Maxim Cournoyer
Owner
unassigned
Submitted by
Lars-Dominik Braun
Severity
normal
L
L
L
Ludovic Courtès wrote on 29 May 2020 16:37
control message for bug #41525
(address . control@debbugs.gnu.org)
87tuzy3izc.fsf@gnu.org
tags 41525 + security
quit
M
M
Maxim Cournoyer wrote on 21 Oct 2020 06:27
Re: bug#41525: CVE-2020-12762: json-c
(name . Lars-Dominik Braun)(address . lars@6xq.net)(address . 41525-done@debbugs.gnu.org)
875z74430k.fsf@gmail.com
Hello,

Lars-Dominik Braun <lars@6xq.net> writes:

Toggle quote (11 lines)
> Hi,
>
> our package json-c is vulnerable to CVE-2020-12762[1]. Be careful when
> applying the “fix”, since it broke a lot of packages on Ubuntu and
> Gentoo[2] in the past week.
>
> Lars
>
> [1] https://nvd.nist.gov/vuln/detail/CVE-2020-12762
> [2] https://bugs.gentoo.org/722150

Thanks for the report!

This was fixed by Efraim on the 6th of August, with commit
10b40489742bdaa0d193c00dff1446b11c081f6a.

Closing,

Maxim
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 41525@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 41525
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch