-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6336-1 [email protected] https://www.debian.org/security/ Markus Koschany June 10, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : jackson-core CVE ID : CVE-2025-52999 Debian Bug : 1108367 A flaw was discovered in jackson-core, a fast and powerful JSON library for Java, which may allow an attacker to cause a denial of service by using deeply nested JSON data. Please note that related and complementary jackson-* packages like jackson- databind or jackson-dataformat-smile had to be upgraded as well in order to fix build failures caused by the changes to jackson-core. For the oldstable distribution (bookworm), this problem has been fixed in version 2.14.1-2~deb12u1. For the stable distribution (trixie), this problem has been fixed in version 2.14.1-2~deb13u1. We recommend that you upgrade your jackson-core packages. For the detailed security status of jackson-core please refer to its security tracker page at: https://security-tracker.debian.org/tracker/jackson-core Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmop009fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTcvBAAgyICDGoLUoz6k6eEZdqxghFK9IYWLSxLWJRzSvcsqNQVnioKG8UMcwNg k7UCbqpvRMpHjROT676023mZKAox9AdrOuy2loRoYPi/0Gu1iNaBCWkF+qqAlw0i Yf+qDOG9aBDHwucxz3M1SXEmYIJkbqKUTxwsCTz1sfsALrnsRIXDM0MJJ9SdSdsK E4Hv0XVg5K2l8SQrtFGI5UotdyZS2N9XO7uVJuriagxsW1eQTqdnqnHvKVWc8Ia7 ApLbB3qOO1R5lvefihXCpwabZSq6BGf9lGVMvr2KAPqTWdYCBw7ClY32J0aKO6vo pY4k3dWDtOCZo2zyz798RoJBgAOZU04IMWzMt4Gpk05vSRP85gHeBzg6KH1TYbwx WuVTQi5mIjEAOwXsGOsYXrK31W0pZ3NocDxpbaqDkJlLu3S/7/QhAcVCVmLjuhd3 wuUloz7tGZuUU2dSyIfWMkdg9WQHTSQk7/h/u1h6dk59nfQKMAAt1hCIUWoXtj1Q bPb9INAJXpMdvPT4koIw7pieqYilRJeu7nVsz8t0SZp7WR+vt4owFck7aclVmum9 Vx/WC0ZGWAWzy77dx0uOZlE5t6iGpdL88fJOq4FLUEht84mde8bUZ1b0Mi98Q8+D yDLNvUcJT/Pcz8J1FnWuBwp3zS6p/u3gHfeu1/jiUh48ha7nOtM= =t2oC -----END PGP SIGNATURE-----

