Package: python-cjson Severity: grave Tags: security Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for python-cjson. Quoting the original bug report[1]: > There is a buffer overrun in cjson 1.0.5, on UCS4 builds. The string length > is only resized for wide unicode characters if there is less than 12 bytes > of space left. Padding with narrow-but-escaped characters prevents string > resizing. > > The following line exhibits the overrun (it *may* segfault or display garbage, etc): > >>> cjson.encode(u'\U0001D11E\U0001D11E\U0001D11E\U0001D11E\u1234\u1234\u12 > >>> 34\u1234\u1234\u1234') > > (u'\U0001D11E\u1234' also breaks, but sometimes goes undetected.) This issue has been assigned CVE-2010-1666. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. If possible, please provide packages for stable (to be released via the security archive.) For further information see: [1]https://bugs.launchpad.net/ubuntu/+source/python-cjson/+bug/585274 Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
