UbuntuUpdates.org

Package "ujson"

Name: ujson

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • ultra fast JSON encoder and decoder for Python 3
  • ultra fast JSON encoder and decoder for Python 3 (debug ext)

Latest version: 1.35-4ubuntu0.1
Release: focal (20.04)
Level: updates
Repository: universe

Links



Other versions of "ujson" in Focal

Repository Area Version
security universe 1.35-4ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.35-4ubuntu0.1 2024-02-14 05:06:50 UTC

  ujson (1.35-4ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2021-45958.patch: a rewrite of the buffer
      reservation calls from scratch and fixes a bug in the debug
      buffer check.
    - CVE-2021-45958
  * debian/patches/CVE-2021-45958-tests-backport.patch: backport of
    tests from the patches to unittest.

 -- Allen Huang <email address hidden> Tue, 16 Jan 2024 11:22:01 +0000

CVE-2021-45958 UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for exa



About   -   Send Feedback to @ubuntu_updates