Source: libcpanel-json-xs-perl Version: 4.40-1 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerabilities were published for libcpanel-json-xs-perl. CVE-2026-9334[0]: | dupkeys_as_arrayref type confusion CVE-2026-9516[1]: | BOM-shift PV-corruption SIGABRT Gregor, both are fixed in the new upstream version 4.41. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-9334 https://www.cve.org/CVERecord?id=CVE-2026-9334 https://github.com/rurban/Cpanel-JSON-XS/commit/11a7c550a0d8fac2f84414f24d5df9b2bfe346e2 [1] https://security-tracker.debian.org/tracker/CVE-2026-9516 https://www.cve.org/CVERecord?id=CVE-2026-9516 https://github.com/rurban/Cpanel-JSON-XS/commit/dfe1b41a36caba51dc12a2917fe50285d1ffaa7b Please adjust the affected versions in the BTS as needed. Regards, Salvatore
