Package: libghc-aeson-dev Version: 0.7.0.3-1+b2 Severity: important Dear Maintainer,
The aeson-7.0.3 package has serious vulnerbility to DOS attack. This issue had already reported and completely fixed in upstream, see the URL. https://github.com/bos/aeson/issues/198 The following packages had been updated in order to fix the issue. aeson-7.0.3 -> aeson-7.0.6 scientific-0.2.0.2 -> scientific-3.2.0 attoparsec-0.11.2.1 -> attoparsec-0.11.3.4 -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libghc-aeson-dev depends on: ii libc6 2.19-13 ii libffi5 3.0.10-3 pn libghc-attoparsec-dev-0.10.1.1-54f68 <none> pn libghc-base-dev-4.5.0.0-40b99 <none> pn libghc-blaze-builder-dev-0.3.1.0-4b485 <none> pn libghc-bytestring-dev-0.9.2.1-18f26 <none> pn libghc-containers-dev-0.4.2.1-cfc64 <none> pn libghc-deepseq-dev-1.3.0.0-a73ec <none> pn libghc-dlist-dev-0.5-72763 <none> pn libghc-ghc-prim-dev-0.2.0.0-c2ff6 <none> pn libghc-hashable-dev-1.1.2.3-1b1ae <none> pn libghc-mtl-dev-2.1.1-80110 <none> pn libghc-old-locale-dev-1.0.0.4-a2c3d <none> pn libghc-syb-dev-0.3.6.1-25afc <none> pn libghc-template-haskell-dev-2.7.0.0-8c8cd <none> pn libghc-text-dev-0.11.2.0-cbc26 <none> pn libghc-time-dev-1.4-96b42 <none> pn libghc-unordered-containers-dev-0.2.1.0-6c854 <none> pn libghc-vector-dev-0.9.1-5feab <none> ii libgmp10 2:6.0.0+dfsg-6 libghc-aeson-dev recommends no packages. Versions of packages libghc-aeson-dev suggests: pn libghc-aeson-doc <none> pn libghc-aeson-prof <none> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
