[ALSA-2025:17162] Moderate: perl-JSON-XS security update
Type:
security
Severity:
moderate
Release date:
2025-10-20
Description:
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C. Security Fix(es): * JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 perl-JSON-XS-4.04-1.el9_6.aarch64.rpm c6acc2cac70223b0a9c5f3ea97fd4dab80606960e65e2818d9028a9c68f47b02
ppc64le perl-JSON-XS-4.04-1.el9_6.ppc64le.rpm 0c91145956eddc9f0d8a75c2241382ea25d7ce033495560968e62f4c6062d72b
s390x perl-JSON-XS-4.04-1.el9_6.s390x.rpm d056e770be417a357ebf9549b36c656782e6d73be2e25fd9923ce55cf8b58717
x86_64 perl-JSON-XS-4.04-1.el9_6.x86_64.rpm 006141aff190c02b3ba9ec690468d22a79e8cfc29a1821a8046d122516b11929
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.