[Git][security-tracker-team/security-tracker][master] Reference upstream fix for CVE-2021-45958/ujson
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 5 21:20:53 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9e616e83 by Salvatore Bonaccorso at 2022-04-05T22:20:02+02:00
Reference upstream fix for CVE-2021-45958/ujson
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19609,6 +19609,7 @@ CVE-2021-45958 (UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer ove
NOTE: https://github.com/ultrajson/ultrajson/issues/501
NOTE: https://github.com/ultrajson/ultrajson/issues/502
NOTE: https://github.com/ultrajson/ultrajson/pull/504
+ NOTE: Fixed by: https://github.com/ultrajson/ultrajson/pull/519
CVE-2021-45957 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in answer ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35920
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e616e83c5b4368116a65d8708770f90107f2e82
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e616e83c5b4368116a65d8708770f90107f2e82
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220405/b77371d0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list