Debian Patches

Status for yajl/2.1.0-5.1

Patch Description Author Forwarded Bugs Origin Last update
dynamically-link-tools.patch Upstream statically links json_verify and json_reformat to libyajl. This lets
us link the tools to the shared lib. (Closes #544721)		 no
multiarch.patch Support installation of multiarch binaries.
Define MULTIARCH_TUPLE at config time.		 no
CVE-2017-16516.patch Fix for CVE-2017-16516 Potential buffer overread: A JSON file can cause denial of service. yes debian upstream https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
CVE-2022-24795.patch Fix for CVE-2022-24795 An integer overflow will lead to heap memory corruption with large (~2GB) inputs. yes debian upstream https://github.com/ppisar/yajl/commit/23cea2d7677e396efed78bbf1bf153961fab6bad
CVE-2023-33460.patch Fix for CVE-2023-33460a Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
See https://github.com/lloyd/yajl/issues/250#issuecomment-1628695214		 yes debian upstream https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
6fe59ca50dfd65bdb3d1c87a27245b2dd1a072f9.patch [PATCH] Allow build with CMake 4.0.0 .
fixes deprecated cmake option and uses cmake 2.8.0 TARGET_FILE
update cmake supported minimum versions to 2.8.0...3.10
.
ref:
- https://cmake.org/cmake/help/latest/policy/CMP0026.html
.
CMake Error at .../CMakeLists.txt: (GET_TARGET_PROPERTY):
The LOCATION property may not be read from target "json_...". Use the
target name directly with add_custom_command, or use the generator
expression $<TARGET_FILE>, as appropriate.
.
Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com>		 Rudi Heitbaum <rudi@heitbaum.com> yes debian upstream https://github.com/lloyd/yajl/pull/256/commits/6fe59ca50dfd65bdb3d1c87a27245b2dd1a072f9 2025-03-28

All known versions for source package 'yajl'

Links