Package: burp | Debian Sources

Package: burp / 3.1.4-4

Package	Version	Patches format
burp	3.1.4-4	3.0 (quilt)

Patch	File delta	Description
CVE 2017 16516.patch \| (download)	src/yajl/yajl_encode.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	fix for cve-2017-16516 Potential buffer overread: A JSON file can cause denial of service.
CVE 2022 24795.patch \| (download)	src/yajl/yajl_buf.c \| 12 11 + 1 - 0 ! 1 file changed, 11 insertions(+), 1 deletion(-)	fix for cve-2022-24795 An integer overflow will lead to heap memory corruption with large (~2GB) inputs.
CVE 2023 33460 part1.patch \| (download)	src/yajl/yajl_tree.c \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	fix for cve-2023-33460, part1 Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
CVE 2023 33460 part2.patch \| (download)	src/yajl/yajl_tree.c \| 6 5 + 1 - 0 ! 1 file changed, 5 insertions(+), 1 deletion(-)	[patch] yajl: fix memory leak problem reason: fix memory leak problem
remove unnecessary but broken zlib version check in fzp t.patch \| (download)	utest/test_fzp.c \| 2 0 + 2 - 0 ! 1 file changed, 2 deletions(-)	remove unnecessary but broken zlib version check in fzp test Debian-Bug: http://bugs.debian.org/1057880 Ubuntu-Bug: https://launchpad.net/bugs/2046149
0006 Fix time_t transition leftover.patch \| (download)	src/server/monitor/json_output.c \| 4 2 + 2 - 0 ! src/server/timer.c \| 4 2 + 2 - 0 ! src/server/timestamp.c \| 2 1 + 1 - 0 ! src/server/timestamp.h \| 2 1 + 1 - 0 ! 4 files changed, 6 insertions(+), 6 deletions(-)	fix time_t transition leftover Closes: #1091240

Patch	File delta	Description
CVE 2017 16516.patch \| (download)	src/yajl/yajl_encode.c \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	fix for cve-2017-16516 Potential buffer overread: A JSON file can cause denial of service.
CVE 2022 24795.patch \| (download)	src/yajl/yajl_buf.c \| 12 11 + 1 - 0 ! 1 file changed, 11 insertions(+), 1 deletion(-)	fix for cve-2022-24795 An integer overflow will lead to heap memory corruption with large (~2GB) inputs.
CVE 2023 33460 part1.patch \| (download)	src/yajl/yajl_tree.c \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	fix for cve-2023-33460, part1 Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
CVE 2023 33460 part2.patch \| (download)	src/yajl/yajl_tree.c \| 6 5 + 1 - 0 ! 1 file changed, 5 insertions(+), 1 deletion(-)	[patch] yajl: fix memory leak problem reason: fix memory leak problem
remove unnecessary but broken zlib version check in fzp t.patch \| (download)	utest/test_fzp.c \| 2 0 + 2 - 0 ! 1 file changed, 2 deletions(-)	remove unnecessary but broken zlib version check in fzp test Debian-Bug: http://bugs.debian.org/1057880 Ubuntu-Bug: https://launchpad.net/bugs/2046149
0006 Fix time_t transition leftover.patch \| (download)	src/server/monitor/json_output.c \| 4 2 + 2 - 0 ! src/server/timer.c \| 4 2 + 2 - 0 ! src/server/timestamp.c \| 2 1 + 1 - 0 ! src/server/timestamp.h \| 2 1 + 1 - 0 ! 4 files changed, 6 insertions(+), 6 deletions(-)	fix time_t transition leftover Closes: #1091240