Skip to content

Instantly share code, notes, and snippets.

@h-yamamo
Last active Feb 11, 2021
Embed
What would you like to do?
json-c: Improve performance and robustness for debian/ubuntu include CVE-2020-12762

json-c: Improve performance and robustness for debian/ubuntu

The CVE-2020-12762 vulnerability was announced and then fixed. But there are still many weaknesses. In Debian buster and bullseye, and Ubuntu bionic and focal, json-c is used in cryptsetup that is used for encryption of storage device, so it is necessary to improve the quality. So then I made patches for debian/ubuntu.

How to build

  • Required packages: packaging-dev, lzip / Preparation: sudo apt-get build-dep json-c

Debian 9 (stretch)

(# in some directory)
git clone -b stretch --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.12.1.orig.tar.gz
cd json-c-json-c-0.12.1-20160607
tar xf ../json-c_0.12.1-1.1+deb9u1.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us

Debian 10 (buster)

(# in some directory)
git clone -b buster --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.12.1+ds.orig.tar.gz
cd json-c-0.12.1+ds
tar xf ../json-c_0.12.1+ds-2+deb10u1.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us

Debian 11 (bullseye)

(# in some directory)
git clone -b bullseye --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.15.orig.tar.gz
cd json-c-json-c-0.15-20200726
tar xf ../json-c_0.15-2.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us

Ubuntu 16.04 LTS (xenial)

(# in some directory)
git clone -b xenial --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.11.orig.tar.gz
cd json-c-0.11
tar xf ../json-c_0.11-4ubuntu2.6.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us

Ubuntu 18.04 LTS (bionic)

(# in some directory)
git clone -b bionic --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.12.1.orig.tar.gz
cd json-c-json-c-0.12.1-20160607
tar xf ../json-c_0.12.1-1.3ubuntu0.3.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us

Ubuntu 20.04 LTS (focal)

(# in some directory)
git clone -b focal --depth 1 https://gist.github.com/h-yamamo/61161ea78f3bb7761e508ca531c7ffff
apt-get -d source json-c
tar xf json-c_0.13.1+dfsg.orig.tar.gz
cd json-c-json-c-0.13.1-20180305
tar xf ../json-c_0.13.1+dfsg-7ubuntu0.3.debian.tar.xz
tar xvf ../61161ea78f3bb7761e508ca531c7ffff/debian.tlz
(# you may edit debian/changelog and/or something others)
debuild -uc -us
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment