Source: json-c Severity: important Tags: security upstream fixed-upstream Hi,
the following vulnerabilities were published for json-c. CVE-2013-6370[0]: buffer overflow if size_t is larger than int CVE-2013-6371[1]: hash collision DoS If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. The upstream patch is at [2]. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370 https://security-tracker.debian.org/tracker/CVE-2013-6370 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371 https://security-tracker.debian.org/tracker/CVE-2013-6371 [2] https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
