Read Time:28 Second

FEDORA-EPEL-2022-1026769ad3

Packages in this update:

python-ujson-5.4.0-1.el9

Update description:

Security fix for CVE-2022-31116 and CVE-2022-31117.

5.4.0

Added

Add support for arbitrary size integers

Fixed

CVE-2022-31116: Replace wchar_t string decoding implementation with a uint32_t-based one; fix handling of surrogates on decoding
CVE-2022-31117: Potential double free of buffer during string decoding
Fix memory leak on encoding errors when the buffer was resized
Integer parsing: always detect overflows
Fix handling of surrogates on encoding

Cyber Security News

python-ujson-5.4.0-1.el9

FEDORA-EPEL-2022-1026769ad3

Packages in this update:

Update description:

5.4.0

News, Advisories and much more