ALSA-2025:17163

[ALSA-2025:17163] Moderate: perl-JSON-XS security update

Type:

security

Severity:

moderate

Release date:

2025-10-20

Description:

This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C.  

Security Fix(es):  

  * JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	perl-JSON-XS-3.04-4.el8_10.aarch64.rpm	f712fdc5602d73257afefa68a178ca5186315f25563c323513a7dcb639e5a404
ppc64le	perl-JSON-XS-3.04-4.el8_10.ppc64le.rpm	16913365033573f869dbdd46bcab3624fb3bbfd80ab88018dffa7afd571f7e4a
s390x	perl-JSON-XS-3.04-4.el8_10.s390x.rpm	87a41cb0fd1c351ab79219b99f246b321b0a3a67f053b88a49241db31c6cec98
x86_64	perl-JSON-XS-3.04-4.el8_10.x86_64.rpm	d330b0df144b680f483e51aa39f3a9cb976fa5c4a15b942e93c90ba1d143af06

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.