[ubuntu/eoan-security] whoopsie 0.2.66ubuntu0.1 (Accepted)

Alex Murray alex.murray at canonical.com
Wed Oct 30 03:54:59 UTC 2019


whoopsie (0.2.66ubuntu0.1) eoan-security; urgency=medium

  * SECURITY UPDATE: Integer overflow when handling large bson
    objects (LP: #1830865)
    - lib/bson/bson.c, lib/bson/bson.h, src/whoopsie.c: use size_t
      for size instead of int to prevent integer overflows.
    - lib/bson/bson.c: ensure bson objects are not bigger than INT_MAX.
    - CVE-2019-11484
  * src/whoopsie.c: prevent freeing a NULL server response string.

Date: 2019-10-28 10:09:16.825960+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Maintainer: Evan <evan.dandrea at canonical.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/whoopsie/0.2.66ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Eoan-changes mailing list