-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 17 Apr 2014 12:02:59 +0200 Source: json-c Binary: libjson-c2 libjson-c-dev libjson-c2-dbg libjson-c-doc libjson0-dev libjson0 Architecture: source amd64 all Version: 0.11-4 Distribution: unstable Urgency: high Maintainer: fabien boucher <fabien.dot.boucher@gmail.com> Changed-By: Ondřej Surý <ondrej@debian.org> Description: libjson-c-dev - JSON manipulation library - development files libjson-c-doc - JSON manipulation library - documentation files libjson-c2 - JSON manipulation library - shared library libjson-c2-dbg - JSON manipulation library - debug symbols libjson0 - JSON manipulation library (transitional package) libjson0-dev - JSON manipulation library (transitional package) Closes: 744008 Changes: json-c (0.11-4) unstable; urgency=low . * Add upstream patch to fix two security vulnerabilitiesa (Closes: #744008) + [CVE-2013-6371]: hash collision denial of service + [CVE-2013-6370]: buffer overflow if size_t is larger than int Checksums-Sha1: ec1515cd062912b4488460027b9c250330c601cb 2139 json-c_0.11-4.dsc 719698039456fde27481cba828330bbd4c211a66 272656 json-c_0.11-4.debian.tar.xz 83cb26cec3758a6dce8af0bb782234b7f08bbb92 24818 libjson-c2_0.11-4_amd64.deb b983ef61b1f8f2ef924efd5e3562bb58f21a78ae 35064 libjson-c-dev_0.11-4_amd64.deb 79f2a84225a667f15ec0ec7e61ab75ab087cfa2f 41662 libjson-c2-dbg_0.11-4_amd64.deb 60d4712634faf9e5a14ddf68a04e1bf887aac1e6 18654 libjson-c-doc_0.11-4_all.deb bb06cddcb03c4376130123dd421c6ac81b9ec445 1230 libjson0-dev_0.11-4_amd64.deb 572f386553f6cd8c3867324b6c14e244d3154b2e 1098 libjson0_0.11-4_amd64.deb Checksums-Sha256: d21817e227168b4fed37e2e05c2dafbcf67e3148adf516c16c05d1014d1cbbba 2139 json-c_0.11-4.dsc 4d6d8e24146b1a708b62a46b7061d0199f505cbdfe88221e10f1a8805071b984 272656 json-c_0.11-4.debian.tar.xz bde89cf8ff7876889e17fda0245f4dd3e829b6f89e617272637c1692c84dd694 24818 libjson-c2_0.11-4_amd64.deb 2b429bc045ad422a3f5e928f685e3e77c823736e01e1542ab0d574409b7fdf7e 35064 libjson-c-dev_0.11-4_amd64.deb b4000120df0877513c9f5f87d6cc7093de948873047abc015f54161df9ddcca5 41662 libjson-c2-dbg_0.11-4_amd64.deb ffedc999c24900646e922aea1476991709901463ddf01a69eddd7d618032bffb 18654 libjson-c-doc_0.11-4_all.deb 84c84a839811662b65f36ee5c53aac6607d1eff33929ff4248731915605821c8 1230 libjson0-dev_0.11-4_amd64.deb b702144e9cbb3fbac80e86a0cdb0e1c097320fbe5610756613116cf8d340d8dc 1098 libjson0_0.11-4_amd64.deb Files: 1c7758cef8bc6e45fa8db31c2e27c61f 2139 libs extra json-c_0.11-4.dsc 521b33c6f4a7caa5f4f4ceb4bea62655 272656 libs extra json-c_0.11-4.debian.tar.xz 0c36de6a9512856e0e561a61e106bce0 24818 libs extra libjson-c2_0.11-4_amd64.deb e1c66f8a7454ac3ad0e691924baa6cfb 35064 libdevel extra libjson-c-dev_0.11-4_amd64.deb 714785e4ed126bedc5720d6127362b4d 41662 debug extra libjson-c2-dbg_0.11-4_amd64.deb 9ccb6c23c3976ce19d39969f23d280e4 18654 doc extra libjson-c-doc_0.11-4_all.deb 94b91edced405f0d9b338e8e03e01318 1230 oldlibs extra libjson0-dev_0.11-4_amd64.deb 91b22c4446189a74d6159fdbf567acec 1098 oldlibs extra libjson0_0.11-4_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJTT6smAAoJEAyZtw70/LsHIM4QAK56bKETHa2K95SSoNxWYcpn YhAbGSX/R76GPediKheskLowmL9DioKSwllyfcVOCYRs5l11ETOVMoCBNTJ/gQze i6+ubJMu0PNrCEKdT7x6n/WN+5TcYXaq+4Vd2ZWlad0tkhD2TZLiYwJjVsqlOpkn Gr/O6qMICqw1kkvrMXNDMKNHDkKSRzA8hB2XpUQYHe/Hv1wav/fPXHQihe0vu7IH zbIoijy1AXF3rMpu2fIDhpJeTalqMwNjLiB5Vk+LflAjF/l+LC3q/q0Gx2wUgw1p VHj8wUd9sMGZB6YO30bMvAVYYAIFhIZayMXUbsfh7s7O2NPGFPaQ+rzVlmViYKVY vIB8zwlwCn4Q/x5gu0j9VdKzn105cO6Kgba3f3TANOlx3uPntAqjR8cwugwi4aam SltQGUVbe5PMgikIGGXOoXSJakv7ljEGA5A0mMzcOEup+vfVB+vxYm6JW/W1DPi1 gp7djgrE7llKWeVLRt2x8aTd2w9mtzKHWC2BV4CK46cVUj/xdnFpKPX7NKYmdYQ3 wdxVJdjOPJJ0LmJ4IIpYYYJ2aPvvxtmiH1EvuaoYfZdo9nbPvrZ7uRi8Eq0g0sic TUXS8AqylmMnwwiMjD9DtTWoPs3L9k0LLkhpvvfJBNeMrEuqVEpUjuNwPae3OI1p o2nk9goZ4WizFwdDBv9G =UWiM -----END PGP SIGNATURE-----