[ALSA-2022:7524] Moderate: yajl security update
Type:
security
Severity:
moderate
Release date:
2022-11-14
Description:
Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C and a small validating JSON generator. Security Fix(es): * yajl: heap-based buffer overflow when handling large inputs due to an integer overflow (CVE-2022-24795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 yajl-2.1.0-11.el8.aarch64.rpm 854a70e9a27e89ac7eb09186657aa94214a72c5c66bbafc7f4752cd3c176b17d
aarch64 yajl-devel-2.1.0-11.el8.aarch64.rpm 8e6e60a7cede49026f1d05ab4b42d7696175b9ededfe8f4d8139b3cc45048678
i686 yajl-devel-2.1.0-11.el8.i686.rpm 6606089a06634514380d59c62054347c588f8085d148b7f0a98ca3a522e3db1d
i686 yajl-2.1.0-11.el8.i686.rpm 71980b28ec8fde6b2a046944c93e4b328328609eaaa8c5f24036e5f34e830a1f
ppc64le yajl-2.1.0-11.el8.ppc64le.rpm 0a641c7f964d81019863f758933cf1e77e03237099cf8a9560713bf28774fe99
ppc64le yajl-devel-2.1.0-11.el8.ppc64le.rpm cad5d24caf3ef17f02320d1feb76910a85cba1fa3021c4885bf31e2f05241537
s390x yajl-2.1.0-11.el8.s390x.rpm 23e7b239ce8f935af654242ea3dd1b60bbe84d283904827118991cfaff004353
s390x yajl-devel-2.1.0-11.el8.s390x.rpm b3a79744a7702161cdb657b4ec4adadd50f7e3f50cf6d28b887f8a11c2e88435
x86_64 yajl-2.1.0-11.el8.x86_64.rpm ba8b9cccbc6d9f945fad9c50f205d2c341b9e8acc7786e7da81f369dbf9c5a1f
x86_64 yajl-devel-2.1.0-11.el8.x86_64.rpm e524e60a707c0287ea76c93e75a702a89ef47ee4a14ee0b827bd4197effe4cae
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.