Package "libjettison-java"

Name:	libjettison-java
Description:	collection of StAX parsers and writers for JSON
Latest version:	1.4.1-1ubuntu0.22.04.1
Release:	jammy (22.04)
Level:	security
Repository:	universe
Homepage:	https://github.com/jettison-json/jettison

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libjettison-java"

All arch deb package

APT INSTALL

Other versions of "libjettison-java" in Jammy

Repository	Area	Version
base	universe	1.4.1-1
updates	universe	1.4.1-1ubuntu0.22.04.1

Changelog

Version: 1.4.1-1ubuntu0.22.04.1 2023-06-19 16:06:58 UTC

libjettison-java (1.4.1-1ubuntu0.22.04.1) jammy-security; urgency=medium * SECURITY UPDATE: Denial of Service - debian/patches/CVE-2022-40149.patch: fixed a denial of service in nextClean function. - debian/patches/CVE-2022-40150-[1-4].patch: fixed multiple cases of denial of service from CVE-2022-40150, CVE-2022-45685, and CVE-2022-45693. - CVE-2022-40149 - CVE-2022-40150 - CVE-2022-45685 - CVE-2022-45693 -- Amir Naseredini <email address hidden> Thu, 15 Jun 2023 17:23:25 +0100

CVE-2022-40149	Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user suppl
CVE-2022-40150	Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user suppl
CVE-2022-45685	A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.
CVE-2022-45693	Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Ser

About - Send Feedback to @ubuntu_updates

Package "libjettison-java"

Links

Download "libjettison-java"

Other versions of "libjettison-java" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

updates

security

proposed

PPA updates