UbuntuUpdates.org

Package "libyaml-libyaml-perl"

Name: libyaml-libyaml-perl

Description:

Perl interface to libyaml, a YAML implementation
Latest version: 0.41-5
Release: trusty (14.04)
Level: base
Repository: main
Homepage: https://metacpan.org/release/YAML-LibYAML

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libyaml-libyaml-perl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libyaml-libyaml-perl" in Trusty

Repository Area Version
security main 0.41-5ubuntu0.14.04.1
updates main 0.41-5ubuntu0.14.04.1

Changelog

Version: 0.41-5 2014-04-02 21:06:42 UTC

  libyaml-libyaml-perl (0.41-5) unstable; urgency=high

  * Team upload.

  [ gregor herrmann ]
  * Strip trailing slash from metacpan URLs.

  [ Salvatore Bonaccorso ]
  * Add CVE-2014-2525.patch patch.
    CVE-2014-2525: Heap overflow when parsing YAML tags.
    The heap overflow is caused by not properly expanding a string before
    writing to it in function yaml_parser_scan_uri_escapes in scanner.c.

 -- Salvatore Bonaccorso <email address hidden> Sun, 23 Mar 2014 08:32:24 +0100
Source diff to previous version
CVE-2014-2525 Heap-based buffer overflow in the yaml_parser_scan_uri_escapes ...

Version: 0.41-4 2014-02-28 14:06:47 UTC

  libyaml-libyaml-perl (0.41-4) unstable; urgency=medium

  * Team upload.
  * Add libyaml-string-overflow.patch patch.
    Addresses CVE-2013-6393 for the LibYAML embedded copy in YAML::LibYAML.
  * Add libyaml-node-id-hardening.patch patch.
    Guard against integer overflow.
  * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch.
    Guard against overflows in indent and flow_level.

 -- Salvatore Bonaccorso <email address hidden> Sun, 23 Feb 2014 22:28:32 +0100
CVE-2013-6393 heap-based buffer overflow when parsing YAML tags


About   -   Send Feedback to @ubuntu_updates