Advisories » MGASA-2024-0156

Updated cjson packages fix security vulnerabilities

Publication date: 30 Apr 2024
Modification date: 30 Apr 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-50471 , CVE-2023-50472

Description

cJSON v1.7.16 was discovered to contain a segmentation violation via the
function cJSON_InsertItemInArray at cJSON.c. (CVE-2023-50471)
cJSON v1.7.16 was discovered to contain a segmentation violation via the
function cJSON_SetValuestring at cJSON.c. (CVE-2023-50472)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33133
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50471
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50472

SRPMS

9/core

• cjson-1.7.15-2.1.mga9