Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
89
security advisoryfedoracriticalFedora 40: 2024-8c48a81cb9 Critical: yyjson Remote Code Execution
Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791; Security fix for CVE-2024-25713. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-8c48a81cb9 2024-04-19 21:20:20.798877 -------------------------------------------------------------------------------- Name : yyjson Product : Fedora 40 Version : 0.9.0 Release : 1.fc40 URL : https://github.com/ibireme/yyjson Summary : A high performance JSON library written in ANSI C Description : A high performance JSON library written in ANSI C. Features - Fast: can read or write gigabytes per second JSON data on modern CPUs. - Portable: complies with ANSI C (C89) for cross-platform compatibility. - Strict: complies with RFC 8259 JSON standard, ensuring strict number format and UTF-8 validation. - Extendable: offers options to allow comments, trailing commas, NaN/Inf, and custom memory allocator. - Accuracy: can accurately read and write int64, uint64, and double numbers. - Flexible: supports unlimited JSON nesting levels, \u0000 characters, and non null-terminated strings. - Manipulation: supports querying and modifying using JSON Pointer, JSON Patch and JSON Merge Patch. - Developer-Friendly: easy integration with only one h and one c file. -------------------------------------------------------------------------------- Update Information: Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791; Security fix for CVE-2024-25713 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 9 2024 topazus - 0.9.0-1 - Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2266791 - CVE-2024-25713 yyjson: double free leading to remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266791 [ 2 ] Bug #2274045 - yyjson-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2274045 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-8c48a81cb9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 19, 2024
•Critical
Fedora
89
security advisoryhigh severityfedoraFedora 39: 2024-ef2e551fab High Severity: yyjson Remote Code Execution
Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791; Security fix for CVE-2024-25713. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-ef2e551fab 2024-04-17 02:18:01.430796 -------------------------------------------------------------------------------- Name : yyjson Product : Fedora 39 Version : 0.9.0 Release : 1.fc39 URL : https://github.com/ibireme/yyjson Summary : A high performance JSON library written in ANSI C Description : A high performance JSON library written in ANSI C. Features - Fast: can read or write gigabytes per second JSON data on modern CPUs. - Portable: complies with ANSI C (C89) for cross-platform compatibility. - Strict: complies with RFC 8259 JSON standard, ensuring strict number format and UTF-8 validation. - Extendable: offers options to allow comments, trailing commas, NaN/Inf, and custom memory allocator. - Accuracy: can accurately read and write int64, uint64, and double numbers. - Flexible: supports unlimited JSON nesting levels, \u0000 characters, and non null-terminated strings. - Manipulation: supports querying and modifying using JSON Pointer, JSON Patch and JSON Merge Patch. - Developer-Friendly: easy integration with only one h and one c file. -------------------------------------------------------------------------------- Update Information: Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791; Security fix for CVE-2024-25713 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 9 2024 topazus - 0.9.0-1 - Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791 * Tue Jan 30 2024 topazus - 0.8.0-3 - Fix error of -Wno-implicit-int and -Wno-implicit-function-declaration * Sat Jan 27 2024 Fedora Release Engineering - 0.8.0-2 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2266791 - CVE-2024-25713 yyjson: double free leading to remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266791 [ 2 ] Bug #2274045 - yyjson-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2274045 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ef2e551fab' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 17, 2024
Fedora
89
security advisoryfedoraremote code executionUbuntu 23.10: 2024-4723b80128 Critical Vulnerability in json_parser
Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791; Security fix for CVE-2024-25713. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-4691d60717 2024-04-17 02:11:07.454578 -------------------------------------------------------------------------------- Name : yyjson Product : Fedora 38 Version : 0.9.0 Release : 1.fc38 URL : https://github.com/ibireme/yyjson Summary : A high performance JSON library written in ANSI C Description : A high performance JSON library written in ANSI C. Features - Fast: can read or write gigabytes per second JSON data on modern CPUs. - Portable: complies with ANSI C (C89) for cross-platform compatibility. - Strict: complies with RFC 8259 JSON standard, ensuring strict number format and UTF-8 validation. - Extendable: offers options to allow comments, trailing commas, NaN/Inf, and custom memory allocator. - Accuracy: can accurately read and write int64, uint64, and double numbers. - Flexible: supports unlimited JSON nesting levels, \u0000 characters, and non null-terminated strings. - Manipulation: supports querying and modifying using JSON Pointer, JSON Patch and JSON Merge Patch. - Developer-Friendly: easy integration with only one h and one c file. -------------------------------------------------------------------------------- Update Information: Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791; Security fix for CVE-2024-25713 -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 9 2024 topazus - 0.9.0-1 - Update to 0.9.0; fix rhbz#2274045 and rhbz#2266791 * Tue Jan 30 2024 topazus - 0.8.0-3 - Fix error of -Wno-implicit-int and -Wno-implicit-function-declaration * Sat Jan 27 2024 Fedora Release Engineering - 0.8.0-2 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2266791 - CVE-2024-25713 yyjson: double free leading to remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266791 [ 2 ] Bug #2274045 - yyjson-0.9.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2274045 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4691d60717' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 17, 2024
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!