libjson0 0.9-1ubuntu1 from Ubuntu-Server 12.04.4 LTS "Precise Pangolin" is *still* affected by this bug.
OpenSUSE seems to have fixed their json-c v0.9 package. See https://bugzilla.novell.com/show_bug.cgi?id=870147 Patch: https://build.opensuse.org/package/view_file/openSUSE:Factory/json-c/json-c-hash-dos-and-overflow-random-seed-4e.patch ** Bug watch added: Novell/SUSE Bugzilla #870147 https://bugzilla.novell.com/show_bug.cgi?id=870147 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1311397 Title: json-c: CVE-2013-6370 CVE-2013-6371 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/json-c/+bug/1311397/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
