Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:0573 - Security Advisory
Issued:
2024-01-30
Updated:
2024-01-30

RHSA-2024:0573 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: libfastjson security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libfastjson is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libfastjson library provides essential JavaScript Object Notation (JSON) handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects.

Security Fix(es):

  • json-c, libfastjson: integer overflow and out-of-bounds write via a large JSON file (CVE-2020-12762)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 1835253 - CVE-2020-12762 json-c, libfastjson: integer overflow and out-of-bounds write via a large JSON file

CVEs

  • CVE-2020-12762

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
x86_64
libfastjson-0.99.9-1.el8_8.1.i686.rpm SHA-256: b6f755d604124d7b8bc16273ff60500c69e8e84f57a295621728ec81161b7b22
libfastjson-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: 7718a9dfb373f02caa65257ea08948509133d376f0f88ea5a6e5e510c1583ad7
libfastjson-debuginfo-0.99.9-1.el8_8.1.i686.rpm SHA-256: 8df3239f9d9cd88e8b2c14be4cfcc47fb7257e4324a33102b31b0cd748aecdb4
libfastjson-debuginfo-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: b41a9e6937729615ee14cbc68b7f3b4dded4a9bfdd37b41e1531e1a7d0fcaa3e
libfastjson-debugsource-0.99.9-1.el8_8.1.i686.rpm SHA-256: f50f0c221d53609f2661fd3630b6b43d492abcbcd04249c5c60371008141d4c9
libfastjson-debugsource-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: a9e29044d32c057abe47727c437f11422873d47e7e7773b81d1dfeabff3b12f4

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
x86_64
libfastjson-0.99.9-1.el8_8.1.i686.rpm SHA-256: b6f755d604124d7b8bc16273ff60500c69e8e84f57a295621728ec81161b7b22
libfastjson-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: 7718a9dfb373f02caa65257ea08948509133d376f0f88ea5a6e5e510c1583ad7
libfastjson-debuginfo-0.99.9-1.el8_8.1.i686.rpm SHA-256: 8df3239f9d9cd88e8b2c14be4cfcc47fb7257e4324a33102b31b0cd748aecdb4
libfastjson-debuginfo-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: b41a9e6937729615ee14cbc68b7f3b4dded4a9bfdd37b41e1531e1a7d0fcaa3e
libfastjson-debugsource-0.99.9-1.el8_8.1.i686.rpm SHA-256: f50f0c221d53609f2661fd3630b6b43d492abcbcd04249c5c60371008141d4c9
libfastjson-debugsource-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: a9e29044d32c057abe47727c437f11422873d47e7e7773b81d1dfeabff3b12f4

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
s390x
libfastjson-0.99.9-1.el8_8.1.s390x.rpm SHA-256: 50298e3e24808c15aa91e7dc3d0add4039a702c46ec5f8f1781abe663a5fbab3
libfastjson-debuginfo-0.99.9-1.el8_8.1.s390x.rpm SHA-256: 40c04743f2912a06b5bf3007d20bfb849e21088e123615248f00fb942cd62fa6
libfastjson-debugsource-0.99.9-1.el8_8.1.s390x.rpm SHA-256: 7200597937dec75b8ba125d0e10f68319d6ec8cd1417226f9b20acb7902932e9

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
ppc64le
libfastjson-0.99.9-1.el8_8.1.ppc64le.rpm SHA-256: b6aef80a849022adc95f8f76ee46ceceb7f2a083ca7deed94433c846196df1f3
libfastjson-debuginfo-0.99.9-1.el8_8.1.ppc64le.rpm SHA-256: 2641333243587c56fd633e3f217bddedfb90c587a0b1ff36ea70da90166a1740
libfastjson-debugsource-0.99.9-1.el8_8.1.ppc64le.rpm SHA-256: f037933f2c994ad9988274727b6d5a55db4b25df11bde10f6839dbce96bbd41b

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
x86_64
libfastjson-0.99.9-1.el8_8.1.i686.rpm SHA-256: b6f755d604124d7b8bc16273ff60500c69e8e84f57a295621728ec81161b7b22
libfastjson-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: 7718a9dfb373f02caa65257ea08948509133d376f0f88ea5a6e5e510c1583ad7
libfastjson-debuginfo-0.99.9-1.el8_8.1.i686.rpm SHA-256: 8df3239f9d9cd88e8b2c14be4cfcc47fb7257e4324a33102b31b0cd748aecdb4
libfastjson-debuginfo-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: b41a9e6937729615ee14cbc68b7f3b4dded4a9bfdd37b41e1531e1a7d0fcaa3e
libfastjson-debugsource-0.99.9-1.el8_8.1.i686.rpm SHA-256: f50f0c221d53609f2661fd3630b6b43d492abcbcd04249c5c60371008141d4c9
libfastjson-debugsource-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: a9e29044d32c057abe47727c437f11422873d47e7e7773b81d1dfeabff3b12f4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
aarch64
libfastjson-0.99.9-1.el8_8.1.aarch64.rpm SHA-256: 76edfa56be0f5e2794146da0f9c9487aac638fcea680380cc451a7bef19a235f
libfastjson-debuginfo-0.99.9-1.el8_8.1.aarch64.rpm SHA-256: 2f4e0f08b8e6dc0c2988f73eca2ddc04e1e5fef1cb1392d95ced763ba18e57d7
libfastjson-debugsource-0.99.9-1.el8_8.1.aarch64.rpm SHA-256: 64a8c5edafe6f802fb303812d22eff3f6718a69dfb124ec144d597eb35e48d14

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
ppc64le
libfastjson-0.99.9-1.el8_8.1.ppc64le.rpm SHA-256: b6aef80a849022adc95f8f76ee46ceceb7f2a083ca7deed94433c846196df1f3
libfastjson-debuginfo-0.99.9-1.el8_8.1.ppc64le.rpm SHA-256: 2641333243587c56fd633e3f217bddedfb90c587a0b1ff36ea70da90166a1740
libfastjson-debugsource-0.99.9-1.el8_8.1.ppc64le.rpm SHA-256: f037933f2c994ad9988274727b6d5a55db4b25df11bde10f6839dbce96bbd41b

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
libfastjson-0.99.9-1.el8_8.1.src.rpm SHA-256: b1a8e6b5b9c1ded468cad17e3e70b7f737d3305a5f9e2a3dda93fba041097ab5
x86_64
libfastjson-0.99.9-1.el8_8.1.i686.rpm SHA-256: b6f755d604124d7b8bc16273ff60500c69e8e84f57a295621728ec81161b7b22
libfastjson-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: 7718a9dfb373f02caa65257ea08948509133d376f0f88ea5a6e5e510c1583ad7
libfastjson-debuginfo-0.99.9-1.el8_8.1.i686.rpm SHA-256: 8df3239f9d9cd88e8b2c14be4cfcc47fb7257e4324a33102b31b0cd748aecdb4
libfastjson-debuginfo-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: b41a9e6937729615ee14cbc68b7f3b4dded4a9bfdd37b41e1531e1a7d0fcaa3e
libfastjson-debugsource-0.99.9-1.el8_8.1.i686.rpm SHA-256: f50f0c221d53609f2661fd3630b6b43d492abcbcd04249c5c60371008141d4c9
libfastjson-debugsource-0.99.9-1.el8_8.1.x86_64.rpm SHA-256: a9e29044d32c057abe47727c437f11422873d47e7e7773b81d1dfeabff3b12f4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility