--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-7803508155
2017-02-25 19:18:00.756223
--------------------------------------------------------------------------------

Name        : python-cjson
Product     : Fedora 25
Version     : 1.1.0
Release     : 9.fc25
URL         : https://pypi.org/project/python-cjson/
Summary     : Fast JSON encoder/decoder for Python
Description :
This module implements a very fast JSON encoder/decoder for Python.

JSON stands for JavaScript Object Notation and is a text based lightweight
data exchange format which is easy for humans to read/write and for machines
to parse/generate. JSON is completely language independent and has multiple
implementations in most of the programming languages, making it ideal for
data exchange and storage.

The module is written in C and it is up to 250 times faster when compared to
the other python JSON implementations which are written directly in python.
This speed gain varies with the complexity of the data and the operation and
is the the range of 10-200 times for encoding operations and in the range of
100-250 times for decoding operations.

--------------------------------------------------------------------------------
Update Information:

This update prevents `python-cjson` from crashing when attempting to parse
heavily nested JSON structures (which could be exploited for denial of service
purposes, against any application that uses `python-cjson` to parse arbitrary
input).
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade python-cjson' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: python-cjson Security Update

February 26, 2017
This update prevents `python-cjson` from crashing when attempting to parse heavily nested JSON structures (which could be exploited for denial of service purposes, against any appl...

Summary

This module implements a very fast JSON encoder/decoder for Python.

JSON stands for JavaScript Object Notation and is a text based lightweight

data exchange format which is easy for humans to read/write and for machines

to parse/generate. JSON is completely language independent and has multiple

implementations in most of the programming languages, making it ideal for

data exchange and storage.

The module is written in C and it is up to 250 times faster when compared to

the other python JSON implementations which are written directly in python.

This speed gain varies with the complexity of the data and the operation and

is the the range of 10-200 times for encoding operations and in the range of

100-250 times for decoding operations.

Update Information:

This update prevents `python-cjson` from crashing when attempting to parse heavily nested JSON structures (which could be exploited for denial of service purposes, against any application that uses `python-cjson` to parse arbitrary input).

Change Log

References

Fedora Update Notification FEDORA-2017-7803508155 2017-02-25 19:18:00.756223 Name : python-cjson Product : Fedora 25 Version : 1.1.0 Release : 9.fc25 URL : https://pypi.org/project/python-cjson/ Summary : Fast JSON encoder/decoder for Python Description : This module implements a very fast JSON encoder/decoder for Python. JSON stands for JavaScript Object Notation and is a text based lightweight data exchange format which is easy for humans to read/write and for machines to parse/generate. JSON is completely language independent and has multiple implementations in most of the programming languages, making it ideal for data exchange and storage. The module is written in C and it is up to 250 times faster when compared to the other python JSON implementations which are written directly in python. This speed gain varies with the complexity of the data and the operation and is the the range of 10-200 times for encoding operations and in the range of 100-250 times for decoding operations.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade python-cjson' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : python-cjson
Product : Fedora 25
Version : 1.1.0
Release : 9.fc25
URL : https://pypi.org/project/python-cjson/
Summary : Fast JSON encoder/decoder for Python

Related News