Overview

File _patchinfo of Package patchinfo.25214

<patchinfo incident="25214">
  <issue tracker="cve" id="2022-31116"/>
  <issue tracker="cve" id="2022-31117"/>
  <issue tracker="bnc" id="1201254">VUL-1: CVE-2022-31117: python-ujson: double free while reallocating a buffer for string decoding</issue>
  <issue tracker="bnc" id="1201255">VUL-0: CVE-2022-31116: python-ujson: improper decoding of escaped surrogate characters may lead to string corruption, key confusion or value overwriting</issue>
  <packager>mcepl</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for python-ujson</summary>
  <description>This update for python-ujson fixes the following issues:

- CVE-2022-31116: Fixed improper decoding of escaped surrogate characters (bsc#1201255).
- CVE-2022-31117: Fixed a double free while reallocating a buffer for string decoding (bsc#1201254).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places