Tuesday 9th September 2025
Fedora Project
Updated perl-Cpanel-JSON-XS to 4.40 in F-41, F-42, F-43, Rawhide, EPEL-8, EPEL-9, EPEL-10.0, EPEL-10.1 and EPEL-10.2:
Fix overflow with overlong numbers, fuzzing only (CVE-2025-40929)
- Detect more malformed numbers, with two decimal points
Pin Github actions to latest @v via pinact run -u
Local Packages
Updated perl-Cpanel-JSON-XS to 4.40 as per the Fedora version
Updated perl-JSON-XS to 4.03:
Fix heap overflow causing crashes, possibly information disclosure or worse (CVE-2025-40928), and causes JSON::XS to accept invalid JSON texts as valid in some cases