[ubuntu/eoan-security] whoopsie 0.2.66ubuntu0.1 (Accepted)
Alex Murray
alex.murray at canonical.com
Wed Oct 30 03:54:59 UTC 2019
whoopsie (0.2.66ubuntu0.1) eoan-security; urgency=medium
* SECURITY UPDATE: Integer overflow when handling large bson
objects (LP: #1830865)
- lib/bson/bson.c, lib/bson/bson.h, src/whoopsie.c: use size_t
for size instead of int to prevent integer overflows.
- lib/bson/bson.c: ensure bson objects are not bigger than INT_MAX.
- CVE-2019-11484
* src/whoopsie.c: prevent freeing a NULL server response string.
Date: 2019-10-28 10:09:16.825960+00:00
Changed-By: Tiago Stürmer Daitx <tiago.daitx at canonical.com>
Maintainer: Evan <evan.dandrea at canonical.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/whoopsie/0.2.66ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list