Updated jansson packages fix CVE-2016-4425
Publication date: 21 May 2016Modification date: 21 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-4425
Description
Updated jansson packages fix security vulnerability: Gustavo Grieco discovered that jansson did not limit the recursion depth when parsing JSON arrays and objects. This could allow remote attackers to cause a denial of service (crash) via stack exhaustion, using crafted JSON data (CVE-2016-4425).
References
SRPMS
5/core
- jansson-2.4-4.1.mga5