[ALSA-2023:7057] Moderate: yajl security update
Type:
security
Severity:
moderate
Release date:
2023-11-23
Description:
Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator. Security Fix(es): * yajl: Memory leak in yajl_tree_parse function (CVE-2023-33460) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 yajl-2.1.0-12.el8.aarch64.rpm 02c53cbb43f3fe9f0058dee916fcd0b0c51255184498a14e1ff6c9ab5e1dfdf7
aarch64 yajl-devel-2.1.0-12.el8.aarch64.rpm 341cd3d97bea25fc6da4df990f231dd5b55aa93afd17a30c9539969822464d34
i686 yajl-2.1.0-12.el8.i686.rpm 2cf923e962eb47de759b191334df72733a4ea13147a1b6c68dda0779c1a38a28
i686 yajl-devel-2.1.0-12.el8.i686.rpm bb6eccd076d5c8d1023e600903a44fb2a9a926278ec39cb47f32238f02478674
ppc64le yajl-devel-2.1.0-12.el8.ppc64le.rpm 12d3391bd5081498bb4f835f83d2f85f206bd8be775bcfcbba5394cb14e8bb5e
ppc64le yajl-2.1.0-12.el8.ppc64le.rpm 3dfa1d153035406af944624a1aca9c49eb47d5c9c435e79f6adcf5eae541f994
s390x yajl-2.1.0-12.el8.s390x.rpm 29d2c9015e7712b60609dfe37a032f53abc037aac037ea90f72f9943c72a8658
s390x yajl-devel-2.1.0-12.el8.s390x.rpm 3df8ad0a67fa66bec8bc2bfccda1c8c39025fe54ff938aa80106359fd42776ea
x86_64 yajl-devel-2.1.0-12.el8.x86_64.rpm 1c4cc40ab3ae54eea41746ce996269d92c5159a986f8be3c3c2b1cb707daa820
x86_64 yajl-2.1.0-12.el8.x86_64.rpm 240b5ea4f2a902171113c1b1ed23a057585a5ca4f2688580d7ba9bb92ee142f7
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.