Maintainer of devel/jansson, There is a report of an denial of service issue (CVE-2016-4425) in the library reported on oss-security (http://www.openwall.com/lists/oss-security/2016/05/02/1). The report indicates this impacts jansson < 2.5 and the fix is still pending at https://github.com/akheron/jansson/issues/282. When there is a resolution, this will need to filter down into the port and get a VuXML entry.
It looks like the fix was applied upstream: https://github.com/akheron/jansson/pull/284
A commit references this bug: Author: vanilla Date: Wed May 4 06:25:13 UTC 2016 New revision: 414586 URL: https://svnweb.freebsd.org/changeset/ports/414586 Log: Fix CVE-2016-4425. PR: 209219 Submitted by: junovitch@ Changes: head/devel/jansson/Makefile head/devel/jansson/files/patch-CVE-2016-4425
A commit references this bug: Author: vanilla Date: Wed May 4 06:25:53 UTC 2016 New revision: 414587 URL: https://svnweb.freebsd.org/changeset/ports/414587 Log: Add entry of devel/jansson PR: 209219 Submitted by: junovitch@ Changes: head/security/vuxml/vuln.xml