Package "snakeyaml"

Links

Other versions of "snakeyaml" in Jammy

Repository	Area	Version
base	universe	1.29-1
updates	universe	1.29-1ubuntu0.22.04.1

Packages in group

Deleted packages are displayed in grey.

• libyaml-snake-java
• libyaml-snake-java-doc

Changelog

Version: 1.29-1ubuntu0.22.04.1	2023-03-10 00:07:05 UTC
snakeyaml (1.29-1ubuntu0.22.04.1) jammy-security; urgency=medium   * SECURITY UPDATE: Denial of service due to stack overflow     - debian/patches/CVE-2022-25857.patch: Restrict nested depth for       collections to avoid DoS attacks.     - CVE-2022-25857     - CVE-2022-38749   * SECURITY UPDATE: Denial of service due to stack overflow     - debian/patches/CVE-2022-38750.patch: Adds test for upstream issue 526.     - CVE-2022-38750   * SECURITY UPDATE: Denial of service due to stack overflow     - debian/patches/CVE-2022-38751.patch: Add resolver limits to avoid DoS       attacks.     - CVE-2022-38751  -- Fabian Toepfer <email address hidden> Thu, 09 Mar 2023 19:37:24 +0100
CVE-2022-25857 The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collection CVE-2022-38749 Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, CVE-2022-38750 Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, CVE-2022-38751 Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input,

---

Share this page

Bookmarks

skype 4.3.0.37
virtualbox-4.3 4.3.40-110317
steam 1:1.0.0.81
google-chrome-beta 130.0.6723.44

Latest updates

  Packages changelogs
  Bugs & CVEs

updates

nagios4 (jammy)
resource-agents (jammy)
resource-agents (jammy)
nagios4 (focal)
gammu (focal)
e2fsprogs (focal)
e2fsprogs (focal)
mesa (noble)
shotwell (noble)
mesa (noble)
update-manager (noble)
openvpn (noble)
openvpn (jammy)
live-build (noble)
live-build (noble)
gnome-shell-extension-ubuntu-dock (noble)
procps (noble)

proposed

bind-dyndb-ldap (focal)
bind-dyndb-ldap (noble)
bind-dyndb-ldap (jammy)
linux-signed-gkeop (jammy)
linux-meta-gkeop (jammy)
linux-restricted-signatures-nvidia-6.8 (jammy)
linux-restricted-modules-nvidia-6.8 (jammy)
linux-signed-nvidia-6.8 (jammy)
linux-meta-nvidia-6.8 (jammy)
linux-restricted-signatures-aws (focal)
linux-restricted-signatures-oracle (focal)
linux-restricted-signatures-aws-5.15 (focal)
linux-restricted-signatures-oracle-5.15 (focal)

See all

PPA updates

  PPAs

handbrake (trusty)
nginx-nr-agent (bionic)
linux-restricted-modules-aws (noble)
linux-meta-aws (noble)
linux-generate-aws (noble)
linux-meta-gke (noble)
linux-generate-gke (noble)
patroni (jammy-pgdg)
patroni (focal-pgdg)
signal-desktop-beta (xenial)
google-chrome-beta (stable)
vivaldi-snapshot (stable)
code (stable)
firefox (wilma)
chromium (wilma)
firefox (vera)
chromium (vera)
firefox-trunk (jammy)
firefox-trunk (focal)
firefox-esr (noble)
firefox-trunk (noble)
firefox-esr (jammy)
firefox-esr (focal)
firefox (focal)
firefox-esr (bionic)
firefox-esr (xenial)
code-insiders (stable)
linux-signed-oracle-6.8 (jammy)
firefox (noble)
firefox (jammy)

See all