Fedora Linux 8482 Published by

A R-jsonlite security update has been released for Fedora 38.



[SECURITY] Fedora 38 Update: R-jsonlite-1.8.5-2.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-0b0bb84049
2023-07-21 02:25:07.834330
--------------------------------------------------------------------------------

Name : R-jsonlite
Product : Fedora 38
Version : 1.8.5
Release : 2.fc38
URL : https://CRAN.R-project.org/package=jsonlite
Summary : A Simple and Robust JSON Parser and Generator for R
Description :
A reasonably fast JSON parser and generator, optimized for statistical data and
the web. Offers simple, flexible tools for working with JSON in R, and is
particularly powerful for building pipelines and interacting with a web API.
The implementation is based on the mapping described in the vignette (Ooms,
2014). In addition to converting JSON data from/to R objects, 'jsonlite'
contains functions to stream, validate, and prettify JSON data. The unit tests
included with the package verify that all edge cases are encoded and decoded
consistently for use with dynamic data in systems and applications.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-33460a
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 12 2023 Ali Erdinc Koroglu [aekoroglu@fedoraproject.org] - 1.8.5-2
* Fix for CVE-2023-33460a (RHBZ #2222241)
* Mon Jun 5 2023 Tom Callaway [spot@fedoraproject.org] - 1.8.5-1
- update to 1.8.5
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2221249 - CVE-2023-33460 yajl: Memory leak in yajl_tree_parse function
https://bugzilla.redhat.com/show_bug.cgi?id=2221249
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-0b0bb84049' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------