[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 4258-1] libfastjson security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4258-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
July 28, 2025                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libfastjson
Version        : 0.99.9-1+deb11u1
CVE ID         : CVE-2020-12762


An issue has been found in libfastjson, a fast json library for C.
Due to missing checks, out-of-bounds write might happen when parsing large JSON files. 


For Debian 11 bullseye, this problem has been fixed in version
0.99.9-1+deb11u1.

We recommend that you upgrade your libfastjson packages.

For the detailed security status of libfastjson please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libfastjson

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmiHpX9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdekA/9GznOzANG8FRUEYzqRZhnSZbved5wfUTsFFFrzHoPxw6khC9WE8IRa3Fr
nE2sXaNvR2qIceuk+8CMkBNEmqUxMRBRoTLcWsbxjrI72kfeFIFeH7efkNQRvxaW
Kxk8nF/Q2t4S/zbJowqq9Ie/+zV3wApTusSi1Zu3pHWRVQsm3gy8FU8T6Hoa6COy
rQXcI5BcDfnaL3OVeWCkd5uFhFDVBR7Wjz8GlYKWC2o2Je4tf/t7/gRPQ0aTiIIN
UWPwLDAZepsFuqVkO7UG/VNDMaUYcegEKeGJggG3eRsKxqcZtKYJzRL1PFC5YpqP
/Dt/z8vNxcrz6TJYo9OqJxmQFjZbdOdg5Vlu9kIbVquJsvg7BImSoyZ4bowXjEwr
o+KhzQ/oRn7VMf8RkcSF0tcZWvP23axEaF59oA9Xg/SL+N7MiWSMCmLoA5QbDt3V
SP54iquZ29W52OyJy4M9upjWGxGD8VTe59UjNYJ5tP3pudlvGNLjJMhOENu9gcvl
sfoeRFlqBz3lx/JSUcCNq7GsIynRMuzvmQGJ8X+9W25wNZGcRnoOUJHGTskVBj1z
vY5rv20hDBAmF+4e4Tbzn5uG37Yddu3WViR/FmpdhBeXpTVT/UQyhqxHsCFpBgsX
VRyyHJ3NDA/BwEyysaoo4sIojbtgAxvXE4zTykQzIT6vA8uAKd4=
=se0/
-----END PGP SIGNATURE-----
Reply to: