The CVE-2020-12762 vulnerability was announced and then fixed. But there are still many weaknesses. In Debian buster or later, and Ubuntu bionic or later, json-c is used in cryptsetup that is used for encryption of storage device, so it is necessary to improve the quality. So then I made patches for debian/ubuntu.
- Required packages:
packaging-dev,lzip/ Preparation:sudo apt-get build-dep json-c
(# in some directory)
git clone -b stretch --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.12.1.orig.tar.gz
cd json-c-json-c-0.12.1-20160607
tar xf ../json-c_0.12.1-1.1+deb9u1.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b buster --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.12.1+ds.orig.tar.gz
cd json-c-0.12.1+ds
tar xf ../json-c_0.12.1+ds-2+deb10u1.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b bullseye --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.15.orig.tar.gz
cd json-c-json-c-0.15-20200726
tar xf ../json-c_0.15-2+deb11u1.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b bookworm --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.16.orig.tar.gz
cd json-c-json-c-0.16-20220414
tar xf ../json-c_0.16-2.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b xenial --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.11.orig.tar.gz
cd json-c-0.11
tar xf ../json-c_0.11-4ubuntu2.6.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b bionic --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.12.1.orig.tar.gz
cd json-c-json-c-0.12.1-20160607
tar xf ../json-c_0.12.1-1.3ubuntu0.3.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b focal --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.13.1+dfsg.orig.tar.gz
cd json-c-json-c-0.13.1-20180305
tar xf ../json-c_0.13.1+dfsg-7ubuntu0.3.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b jammy --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.15.orig.tar.gz
cd json-c-json-c-0.15-20200726
tar xf ../json-c_0.15-3~ubuntu1.22.04.2.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
(# in some directory)
git clone -b noble --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.17.orig.tar.gz
cd json-c-json-c-0.17-20230812
tar xf ../json-c_0.17-1build1.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
Last updated 21 Apr 2024