[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags

bugzilla@xxxxxxxxxx · Mon, 10 Nov 2014 09:35:11 +0000

https://bugzilla.redhat.com/show_bug.cgi?id=1033990

Ján Rusnačko <jrusnack@xxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jrusnack@xxxxxxxxxx
         Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014
                   |0127,reported=20131122,sour |0127,reported=20131122,sour
                   |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC
                   |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/
                   |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib
                   |yaml=affected,rhscl-1/ruby1 |yaml=affected,rhscl-1/ruby1
                   |93-libyaml=affected,rhscl-1 |93-libyaml=affected,rhscl-1
                   |/libyaml=affected,fedora-al |/libyaml=affected,fedora-al
                   |l/libyaml=affected,epel-all |l/libyaml=affected,epel-all
                   |/libyaml=affected,mrg-1/lib |/libyaml=affected,mrg-1/lib
                   |yaml=wontfix,mrg-2/libyaml= |yaml=wontfix,mrg-2/libyaml=
                   |wontfix,rhn_satellite_5.3/l |wontfix,rhn_satellite_5.3/l
                   |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit
                   |e_5.4/libyaml=wontfix,rhn_s |e_5.4/libyaml=wontfix,rhn_s
                   |atellite_5.5/libyaml=wontfi |atellite_5.5/libyaml=wontfi
                   |x,rhn_satellite_5.6/libyaml |x,rhn_satellite_5.6/libyaml
                   |=wontfix,rhn_satellite_6/li |=wontfix,rhn_satellite_6/li
                   |byaml=affected,rhn_satellit |byaml=affected,rhn_satellit
                   |e_6/ruby193-libyaml=affecte |e_6/ruby193-libyaml=affecte
                   |d,rhui-2/libyaml=wontfix,sa |d,rhui-2/libyaml=wontfix,sa
                   |m-1/libyaml=wontfix,cfme-5/ |m-1/libyaml=wontfix,cfme-5/
                   |mingw-libyaml=wontfix,cfme- |mingw-libyaml=wontfix,cfme-
                   |5/ruby193-libyaml=wontfix,o |5/ruby193-libyaml=wontfix,o
                   |penstack-3/libyaml=affected |penstack-3/libyaml=affected
                   |,openstack-3/ruby193-libyam |,openstack-3/ruby193-libyam
                   |l=affected,openstack-4/liby |l=affected,openstack-4/liby
                   |aml=affected,openshift-ente |aml=affected,openshift-ente
                   |rprise-1/ruby193-libyaml=wo |rprise-1/ruby193-libyaml=wo
                   |ntfix,openshift-1/ruby193-l |ntfix,openshift-1/ruby193-l
                   |ibyaml=affected,fedora-all/ |ibyaml=affected,fedora-all/
                   |perl-YAML-LibYAML=affected, |perl-YAML-LibYAML=affected,
                   |epel-6/perl-YAML-LibYAML=af |epel-6/perl-YAML-LibYAML=af
                   |fected                      |fected,cwe=CWE-122

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Mh3fb1Q7Yz&a=cc_unsubscribe
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/perl-devel