home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   linux.debian.announce.security      Debian security announcements I think?      29 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 27 of 29   
   Salvatore Bonaccorso to All   
   [SECURITY] [DSA 5999-1] libjson-xs-perl    
   11 Sep 25 21:50:01   
   
   From: carnil@debian.org   
      
   -----BEGIN PGP SIGNED MESSAGE-----   
   Hash: SHA512   
      
   - -------------------------------------------------------------------------   
   Debian Security Advisory DSA-5999-1                   security@debian.org   
   https://www.debian.org/security/                     Salvatore Bonaccorso   
   September 11, 2025                    https://www.debian.org/security/faq   
   - -------------------------------------------------------------------------   
      
   Package        : libjson-xs-perl   
   CVE ID         : CVE-2025-40928   
      
   Michael Hudak discovered a flaw in libjson-xs-perl, a module for   
   manipulating JSON-formatted data. An integer buffer overflow causing a   
   segfault when parsing specially crafted JSON, may allow an attacker to   
   mount a denial-of-service attack or cause other unspecified impact.   
      
   For the oldstable distribution (bookworm), this problem has been fixed   
   in version 4.040-1~deb12u1.   
      
   For the stable distribution (trixie), this problem has been fixed in   
   version 4.040-1~deb13u1.   
      
   We recommend that you upgrade your libjson-xs-perl packages.   
      
   For the detailed security status of libjson-xs-perl please refer to its   
   security tracker page at:   
   https://security-tracker.debian.org/tracker/libjson-xs-perl   
      
   Further information about Debian Security Advisories, how to apply   
   these updates to your system and frequently asked questions can be   
   found at: https://www.debian.org/security/   
      
   Mailing list: debian-security-announce@lists.debian.org   
   -----BEGIN PGP SIGNATURE-----   
      
   iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmjDJVpfFIAAAAAALgAo   
   aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2   
   NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND   
   z0Q+ow/6A6OmsHkzbwjmXB3HidHnMoWg7O0jq65OQniphjC1j+EGKgDAsIXhI2eT   
   l4oZDUQVpZGHY9HpagYWS7/mcuGmDT2PmV3/c5vR6nXGoKEus+2XrgpxPKX3Q/2w   
   I383yGBDoG0QwSvwhWaiZtDz0ZiSvgEeuMUQPNi/+Pyi/mnXnjHGWdh5Nybl621R   
   l+v3aVRpfdEiYA+vwQWvpexGnkxgG2kYtcfcXikx+7B1k8DSJt+lKe6bWfZ8Tdag   
   +e0+WBywrESJuR50hgOpzW91myDdZK0Mdic8kP6OWvMBwj/JTCP6DydckxH++MPP   
   HkDDIdXX7Rn+32GF2tS4dVt5X9hBHZm1s0Rf5kr2YkuUPBGW2QcY4uF1hpbPeFIa   
   Ddp0LBdBvxPU4pfetsHWKOEuejuXAZQOTw7NE1YMMSUVMOS9JuM57yVOshuiW/o3   
   KBWw6WeM3tVHhuxWPz+MsCTsBABMlKGvWz+Zeo3a9XmEaD50JWO7lICtDtWN53C8   
   aUbLT0U7vi2bHnKS8vjVl220r6ONXcx78pASSEYCSlqFyMKM402u/VQsyYufB4Zd   
   tJ4YnZ5ANuKlFvpjeyjNZWtPxCmY0E7WPpiuug2WmiIX9/F4lNXaCl4V4qAhyp0B   
   WZsNcMxHOiRMfXnF3mAGC/cZ2Lk1D053KfVOssmoglbjdUsoGQQ=   
   =yIsc   
   -----END PGP SIGNATURE-----   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca