[ALSA-2025:17119] Moderate: perl-JSON-XS security update
Type:
security
Severity:
moderate
Release date:
2025-10-01
Description:
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C. Security Fix(es): * JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 perl-JSON-XS-4.04-1.el10_0.aarch64.rpm 1338766ed3eac925ad250e530e255fc7f9afc568389a1dbe7fd22905fd667355
ppc64le perl-JSON-XS-4.04-1.el10_0.ppc64le.rpm 5f9b1239a81c462cdd138a635b455a87e706190a5df6eb74fbda8b571c7bd08c
s390x perl-JSON-XS-4.04-1.el10_0.s390x.rpm 7c3259160cd2bb34b4ed9c807af1fc2e1b6dbf53e8794fb249b67361543deead
x86_64 perl-JSON-XS-4.04-1.el10_0.x86_64.rpm b0e5d3ea5a682109372867b35008d50a86b99ee98115f6476b0fdafb1219a0a4
x86_64_v2 perl-JSON-XS-4.04-1.el10_0.x86_64_v2.rpm a683b9fb14454a31caf736b9cb56c894c2d6d7ffd29d1a6a2f968d3779fdc729
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.