-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2014-04-02 14:40:46 UTC
-
Revision ID:
package-import@ubuntu.com-20140402144046-ofzr6ckrtvfbqftq
Tags: 0.38-3ubuntu0.12.10.1
* SECURITY UPDATE: denial of service and possible code execution via
large yaml documents
- debian/patches/CVE-2013-6393.patch: fix integer overflows in
LibYAML/loader.c, LibYAML/reader.c, LibYAML/scanner.c,
LibYAML/yaml_private.h.
- CVE-2013-6393
* SECURITY UPDATE: denial of service and possible code execution via
heap overflow in yaml_parser_scan_uri_escapes
- debian/patches/CVE-2014-2525.patch: properly handle memory in
LibYAML/scanner.c, LibYAML/yaml_private.h.
- CVE-2014-2525