CVE-2014-9130 libyaml: denial-of-service/application crash with untrusted yaml input
Bug #1400736 reported by
Hannes
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libyaml (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
There is a new CVE for libyaml: https:/
And a patch is already in the repository: https:/
The code in question is present at least in version 0.1.3 to 0.1.6 so all lts versions are likely affected.
CVE References
information type: | Private Security → Public |
information type: | Public → Public Security |
Changed in libyaml (Ubuntu): | |
status: | New → Confirmed |
Changed in libyaml (Ubuntu): | |
importance: | Undecided → Medium |
To post a comment you must log in.
This was addresses in http:// www.ubuntu. com/usn/ usn-2461- 1/ , thanks.