-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : jansson Version : 2.3.1-2+deb7u1 CVE ID : CVE-2016-4425 Debian Bug : 823238
Applications that depend on Jansson, a C library for encoding, decoding and manipulating JSON data, could crash due to stack exhaustion while parsing a JSON file. This was caused due to an unlimited parsing depth when parsing JSON arrays and is now fixed by limiting the depth to 2048. For Debian 7 "Wheezy", this problem has been fixed in version 2.3.1-2+deb7u1. We recommend that you upgrade your jansson packages. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJXNgo8XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkehIP/0k/xpHU+mES/EeGnzmF8DYL hYv1Gt343/4qc0b+VUsSUg/9ho35NYlyS+adcpVfkdZQJSSqTgaeMR3NhaH82asv opSkiSwUs/3WRlV4gUr6jqfzfhGALBls8Q4PIuoUAZ8aLpVWEyECm1w4PBYQpF4P y1FjwtcE5HTdc5fCEuJk7YhvHFQLMakvfkEq0Y8TArpY6mpBYH9wwKhslxNd78QA fdg1s1t90fEZs5W/8HcNUk2r+SQpClGufGNl+2ydF78KnkZXlFSrfmHSXNHRNHje DDscfI+WD07K1iFZPjVtACQpUuVqLV2wFjSzpZy5txR+iswA3w2NHAxZdgZGg/7I WxsF/oxJz0yeCtzRkOhZbtBuYMpoVhF67wTWu+JHlUVTHTjuk2MsbMaYlxkkPT+V Qi8S2vSFRo0wOmvV6zSeOT++YireS1YlDt8fapnlQQwApFmaC4lo0vUy8LB9c6Hq W5LYmFMC1h2pWcBJCX4mIhyAgoTZPjmwmCwiC3ymeFikWBjIhRW5CWfksgvc1lvN HTBmBQEGYqNHFaQFVNZ7k+oEI/6kTv81vPVylk/RdIpCH6Oh67QDlZz/p9b1Igtb 6WR4rlgpMuHdGD9Y6xm+5PMsa/mc13paEstr2pyx6uxd35qdgoUpH/xQB9q8Xj9g IDyZquaHlcVpMrsMzxGp =YYMi -----END PGP SIGNATURE-----