FEDORA-2022-1b2b8d5177
Packages in this update:
python-ujson-5.4.0-1.fc36
Update description:
Security fix for CVE-2022-31116 and CVE-2022-31117.
5.4.0
Added
Add support for arbitrary size integers
Fixed
CVE-2022-31116: Replace wchar_t string decoding implementation with a uint32_t-based one; fix handling of surrogates on decoding
CVE-2022-31117: Potential double free of buffer during string decoding
Fix memory leak on encoding errors when the buffer was resized
Integer parsing: always detect overflows
Fix handling of surrogates on encoding
More Stories
USN-7021-2: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
USN-7029-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...
USN-7007-3: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...
USN-6999-2: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...
USN-7028-1: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...
python-zipp-0.5.1-4.el8
FEDORA-EPEL-2024-d7489f4064 Packages in this update: python-zipp-0.5.1-4.el8 Update description: Security fix for CVE-2024-5569 (rhbz#2297119) Read More