UbuntuUpdates.org

Package "pyyaml"

Name: pyyaml

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • YAML parser and emitter for Python3
  • YAML parser and emitter for Python3 (debug build)

Latest version: 5.3.1-3ubuntu1
Release: hirsute (21.04)
Level: base
Repository: main

Links



Other versions of "pyyaml" in Hirsute

No other version of this package is available in the Hirsute release.

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 5.3.1-3ubuntu1 2021-04-16 02:06:22 UTC

  pyyaml (5.3.1-3ubuntu1) hirsute; urgency=medium

  * SECURITY UPDATE: FullLoader arbitrary code execution
    - debian/patches/CVE-2020-14343.patch: move a few constructors from
      full_load to unsafe_load in lib/yaml/constructor.py,
      lib3/yaml/constructor.py, tests/lib/test_recursive.py,
      tests/lib3/test_recursive.py.
    - CVE-2020-14343

 -- Marc Deslauriers <email address hidden> Mon, 12 Apr 2021 09:24:50 -0400

CVE-2020-14343 A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes un



About   -   Send Feedback to @ubuntu_updates