-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6001-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 14, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : cjson CVE ID : CVE-2025-57052 It was discovered that cJSON, an ultralightweight JSON parser, performed insufficient input sanitising, which could result in out-of-bounds memory access. For the oldstable distribution (bookworm), this problem has been fixed in version 1.7.15-1+deb12u4. For the stable distribution (trixie), this problem has been fixed in version 1.7.18-3.1+deb13u1. We recommend that you upgrade your cjson packages. For the detailed security status of cjson please refer to its security tracker page at: https://security-tracker.debian.org/tracker/cjson Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmjHCyQACgkQEMKTtsN8 TjbLkA/9G2mfvVzXhB36SxwX0OE5SWFLIzleIeNTvuzInzSVuri9s95HRz6pCPwm xeucu/MUS6dToaidtIdv3or8H7SayZzJl6cherw529GMFRIYJDwpegmvKodNA01n lbvspditDK9yW2Sd9avDKfS+gAMRiQyfkYzFTzuwxUgxL2S6pns+vUikEG7Mq4i3 UH1NGd4SD5sq68QRfl/JxOqwBj9FK2y6vsY6pekCSlPi1UPiCBRvVHUV0O1hr/vz Z+EVsIheveh/eA31u9B8UakX9Mc5nAeyjeXXPFJrG63P8CM9hL+hW1zJ32rSUYx4 jqFeNd3NqEH31z9MpC8GQdtSyu40pscIXdON2utrBn9GTyVp47lRYhAXizSx8a7j Ui0u3dU8IZjpGxP0JmeD0erKtf0LQiKxRdfjpk3AjF4PG6Z4CArAgNHn6CWqetBZ NY8ToaRrH/RwiilOf3bx+708qKYbIXuySXEIZlpl6Un+3rDxEw8u7Q+P3IhT5lVu vDBvHl/IOXnBQes4XcTwVFnY5mBS5AYhA6JOBED4iUI3ylYd9HE8VzxvM2Hlz+VA UxCHf+B+Tc3HOLaEMEEFnu9Yr8XiMPD27QZRQVnMoe2r9h8A3sllJ5G9v2hW+HJe loxs6BB6Er7vOu1d+JQtKwZ5BBDhgHK30dn2vQZJNvmsw9sWKuo= =w0xS -----END PGP SIGNATURE-----
