libjson-c: backport security fixes
authorRobert Marko <robert.marko@sartura.hr>
Tue, 12 May 2020 20:18:33 +0000 (22:18 +0200)
committerJo-Philipp Wich <jo@mein.io>
Wed, 13 May 2020 09:45:15 +0000 (11:45 +0200)
commit4cd9ae41c5f7fd4de6d9a2970f8243c9555428a7
treeb82330da4afda8d08cb575f481b9144e7292dc99
parent6ffd4d8a4de2a7c35a841a21c4b4116dfe54b754
libjson-c: backport security fixes

This backports upstream fixes for the out of bounds write vulnerability in json-c.
It was reported and patches in this upstream PR: https://github.com/json-c/json-c/pull/592

Addresses CVE-2020-12762

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
[bump PKG_RELEASE, rebase patches on top of json-c 0.12]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit bc0288b76816578f5aeccb2abd679f82bfc5738e)
package/libs/libjson-c/Makefile
package/libs/libjson-c/patches/000-libm.patch
package/libs/libjson-c/patches/001-Prevent-division-by-zero-in-linkhash.patch [new file with mode: 0644]
package/libs/libjson-c/patches/002-Fix-integer-overflows.patch [new file with mode: 0644]