Ubuntu
whoopsie package

  1. Bug #1881982
  2. Comment #9

Comment 9 for bug 1881982

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package whoopsie - 0.2.52.5ubuntu0.5

---------------
whoopsie (0.2.52.5ubuntu0.5) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in bson parsing (LP: #1872560)
    - lib/bson/*: updated to latest upstream release.
    - CVE-2020-12135
  * SECURITY UPDATE: resource exhaustion via memory leak (LP: #1881982)
    - src/whoopsie.c, src/tests/test_parse_report.c: properly handle
      GHashTable.
    - CVE-2020-11937
  * SECURITY UPDATE: DoS via large data length (LP: #1882180)
    - src/whoopsie.c, src/whoopsie.h, src/tests/test_parse_report.c: limit
      the size of a report file.
    - CVE-2020-15570

 -- Marc Deslauriers <email address hidden> Fri, 24 Jul 2020 08:55:26 -0400