bug#41525: CVE-2020-12762: json-c

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#41525: CVE-2020-12762: json-c

From:	Maxim Cournoyer
Subject:	bug#41525: CVE-2020-12762: json-c
Date:	Wed, 21 Oct 2020 00:27:39 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Hello,

Lars-Dominik Braun <lars@6xq.net> writes:

> Hi,
>
> our package json-c is vulnerable to CVE-2020-12762[1]. Be careful when
> applying the “fix”, since it broke a lot of packages on Ubuntu and
> Gentoo[2] in the past week.
>
> Lars
>
> [1] https://nvd.nist.gov/vuln/detail/CVE-2020-12762
> [2] https://bugs.gentoo.org/722150

Thanks for the report!

This was fixed by Efraim on the 6th of August, with commit
10b40489742bdaa0d193c00dff1446b11c081f6a.

Closing,

Maxim

[Prev in Thread]

Current Thread

[Next in Thread]

bug#41525: CVE-2020-12762: json-c, Maxim Cournoyer <=

Prev by Date: bug#41932: make check failures
Next by Date: bug#44104: [patch] guix/scripts/publish: share signing key
Previous by thread: bug#41932: make check failures
Next by thread: bug#44112: SBCL is not reproducible
Index(es):
- Date
- Thread