Overview
Request 987903 accepted
- update to 5.4.0 (CVE-2022-31116, bsc#1201255, CVE-2022-31117, bsc#1201254):
* Replace wchar_t string decoding implementation with a uint32_t-based one
* Fix handling of surrogates on decoding
* CVE-2022-31117: Potential double free of buffer during string decoding
* Fix memory leak on encoding errors when the buffer was resized
* Integer parsing: always detect overflows
* Fix handling of surrogates on encoding
- Created by dirkmueller
- In state accepted
Request History
dirkmueller created request
- update to 5.4.0 (CVE-2022-31116, bsc#1201255, CVE-2022-31117, bsc#1201254):
* Replace wchar_t string decoding implementation with a uint32_t-based one
* Fix handling of surrogates on decoding
* CVE-2022-31117: Potential double free of buffer during string decoding
* Fix memory leak on encoding errors when the buffer was resized
* Integer parsing: always detect overflows
* Fix handling of surrogates on encoding
dimstar_suse added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:49"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:adi:49"
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:adi:49 got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:adi:49 got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:adi:49 got accepted.