Advisories » MGASA-2024-0324

Updated cjson packages fix security vulnerability

Publication date: 04 Oct 2024
Modification date: 04 Oct 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-31755

Description

cJSON was discovered to contain a segmentation violation, which can
trigger through the second parameter of function cJSON_SetValuestring at
cJSON.c. (CVE-2024-31755)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33600
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B5ZS2THGMPX2CG2C7OVYS5F7REKYJYJ/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31755

SRPMS

9/core

• cjson-1.7.15-2.2.mga9