[1/1] package/cjson: security bump to version 1.7.11

Message ID	20190414223529.3694-1-fontaine.fabrice@gmail.com
State	Accepted
Headers	show Return-Path: <buildroot-bounces@busybox.net> From: Fabrice Fontaine <fontaine.fabrice@gmail.com> To: buildroot@buildroot.org Date: Mon, 15 Apr 2019 00:35:29 +0200 Message-Id: <20190414223529.3694-1-fontaine.fabrice@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/1] package/cjson: security bump to version 1.7.11 Precedence: list Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" <buildroot-bounces@busybox.net>
Series	[1/1] package/cjson: security bump to version 1.7.11 \| expand [1/1] package/cjson: security bump to version 1.7.11

Message ID

20190414223529.3694-1-fontaine.fabrice@gmail.com

State

Accepted

Headers

From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
To: buildroot@buildroot.org
Date: Mon, 15 Apr 2019 00:35:29 +0200
Message-Id: <20190414223529.3694-1-fontaine.fabrice@gmail.com>
MIME-Version: 1.0
Subject: [Buildroot] [PATCH 1/1] package/cjson: security bump to version
	1.7.11
Precedence: list
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Series

[1/1] package/cjson: security bump to version 1.7.11 | expand

Commit Message

Fabrice Fontaine April 14, 2019, 10:35 p.m. UTC

Fix a bug where cJSON_Minify could overflow it's buffer, both reading
and writing: https://github.com/DaveGamble/cJSON/issues/338.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 package/cjson/cjson.hash | 2 +-
 package/cjson/cjson.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Thomas Petazzoni April 15, 2019, 7:40 p.m. UTC | #1

On Mon, 15 Apr 2019 00:35:29 +0200
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:

> Fix a bug where cJSON_Minify could overflow it's buffer, both reading
> and writing: https://github.com/DaveGamble/cJSON/issues/338.
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
>  package/cjson/cjson.hash | 2 +-
>  package/cjson/cjson.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

Applied to master, thanks.

Thomas

Peter Korsgaard April 24, 2019, 8:25 p.m. UTC | #2

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:

 > Fix a bug where cJSON_Minify could overflow it's buffer, both reading
 > and writing: https://github.com/DaveGamble/cJSON/issues/338.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Committed to 2019.02.x, thanks.

diff --git a/package/cjson/cjson.hash b/package/cjson/cjson.hash
index 9c39bb321f..32a05b3c05 100644
--- a/package/cjson/cjson.hash
+++ b/package/cjson/cjson.hash
@@ -1,3 +1,3 @@ 
 # Locally computed:
-sha256 cc544fdd065f3dd19113f1d5ba5f61d696e0f810f291f4b585d1dec361b0188e  cjson-v1.7.10.tar.gz
+sha256 17ace0e31ebd639906983b05fe1d51576b948ca5411c2162f55dd34c122162ca  cjson-v1.7.11.tar.gz
 sha256 a36dda207c36db5818729c54e7ad4e8b0c6fba847491ba64f372c1a2037b6d5c  LICENSE
diff --git a/package/cjson/cjson.mk b/package/cjson/cjson.mk
index b2ef1c8582..e6ab71b92a 100644
--- a/package/cjson/cjson.mk
+++ b/package/cjson/cjson.mk
@@ -4,7 +4,7 @@ 
 #
 ################################################################################
 
-CJSON_VERSION = v1.7.10
+CJSON_VERSION = v1.7.11
 CJSON_SITE = $(call github,DaveGamble,cjson,$(CJSON_VERSION))
 CJSON_INSTALL_STAGING = YES
 CJSON_LICENSE = MIT

[1/1] package/cjson: security bump to version 1.7.11

Commit Message

Comments

Patch