libjson-c: backport security fixes
authorRobert Marko <robert.marko@sartura.hr>
Tue, 12 May 2020 20:18:33 +0000 (22:18 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 16 May 2020 19:18:50 +0000 (21:18 +0200)
commit15d73a26b6386c8ddd7c9e8ed446380e9282b3a6
tree3574fbeca681220624909f3946e0b4eb61a25588
parent7b49c0b48a80d422ad37a4c6bcddcd341fca747b
libjson-c: backport security fixes

This backports upstream fixes for the out of bounds write vulnerability in json-c.
It was reported and patches in this upstream PR: https://github.com/json-c/json-c/pull/592

Addresses CVE-2020-12762

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
[bump PKG_RELEASE, rebase patches on top of json-c 0.12]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit bc0288b76816578f5aeccb2abd679f82bfc5738e)
package/libs/libjson-c/Makefile
package/libs/libjson-c/patches/000-libm.patch
package/libs/libjson-c/patches/001-Prevent-division-by-zero-in-linkhash.patch [new file with mode: 0644]
package/libs/libjson-c/patches/002-Fix-integer-overflows.patch [new file with mode: 0644]