Bug#980268: buster-pu: cjson/1.7.10-1.1+deb10u1

To: Boyuan Yang <byang@debian.org>, 980268@bugs.debian.org
Subject: Bug#980268: buster-pu: cjson/1.7.10-1.1+deb10u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 23 Jan 2021 15:35:27 +0000
Message-id: <[🔎] c1081c7605baedbb3127a7389621d9013283bc21.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 980268@bugs.debian.org
In-reply-to: <[🔎] 46a58f7f46a8b2d36eb47aa218d2425db558e28f.camel@debian.org>
References: <[🔎] 46a58f7f46a8b2d36eb47aa218d2425db558e28f.camel@debian.org> <[🔎] 46a58f7f46a8b2d36eb47aa218d2425db558e28f.camel@debian.org>

Control: tags -1 + confirmed

On Sat, 2021-01-16 at 17:45 -0500, Boyuan Yang wrote:
> I intend to fix https://bugs.debian.org/973442 in Buster. Under some
> circumstances, the user input will cause an infinite loop in libcjson
> library. This is a regression introduced by the patch of CVE-2019-
> 11835 and was fixed in cjson/1.7.12.

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#980268: buster-pu: cjson/1.7.10-1.1+deb10u1
  - From: Boyuan Yang <byang@debian.org>

Prev by Date: Processed: Re: Bug#980268: buster-pu: cjson/1.7.10-1.1+deb10u1
Next by Date: Bug#977511: edk2 0~20181115.85588389-3+deb10u3 flagged for acceptance
Previous by thread: Processed: Re: Bug#980268: buster-pu: cjson/1.7.10-1.1+deb10u1
Next by thread: Bug#980268: cjson 1.7.10-1.1+deb10u1 flagged for acceptance
Index(es):
- Date
- Thread