-
Committer:
Package Import Robot
-
Author(s):
Salvatore Bonaccorso
-
Date:
2014-03-20 00:04:03 UTC
-
Revision ID:
package-import@ubuntu.com-20140320000403-tey8jx2ga3xp4d5g
Tags: 0.1.3-1+deb6u4
* Non-maintainer upload by the Security Team.
* CVE-2014-2525: Heap overflow when parsing YAML tags.
The heap overflow is caused by not properly expanding a string before
writing to it in function yaml_parser_scan_uri_escapes in scanner.c.