Date: Mon, 08 Jun 2020 18:46:59 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 247089] devel/json-c: update quarterly to 0.14 Message-ID: <bug-247089-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D247089 Bug ID: 247089 Summary: devel/json-c: update quarterly to 0.14 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: sunpoet@FreeBSD.org Reporter: pioto@pioto.org Flags: maintainer-feedback?(sunpoet@FreeBSD.org) Assignee: sunpoet@FreeBSD.org The current release in the quarterly branch, 0.13.1_1, is marked as vulnera= ble by vuln.xml: $ sudo pkg audit json-c-0.13.1_1 is vulnerable: json-c -- integer overflow and out-of-bounds write via a large JSON file CVE: CVE-2020-12762 WWW: https://vuxml.FreeBSD.org/freebsd/abc3ef37-95d4-11ea-9004-25fadb81abf4.html Can the version containing the fix for this, 0.14, be updated in the quarte= rly branch? --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-247089-7788>