Your submission was sent successfully! Close

CVE-2014-9130

Published: 8 December 2014

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

Priority

Medium

Status

Package Release Status
libyaml
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (0.1.4-2ubuntu0.12.04.4)
trusty
Released (0.1.4-3ubuntu3.1)
upstream
Released (0.1.6-3)
utopic
Released (0.1.6-1ubuntu0.1)
Patches:
upstream: https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2

libyaml-libyaml-perl
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (0.38-2ubuntu0.2)
trusty Does not exist
(trusty was released [0.41-5ubuntu0.14.04.1])
upstream
Released (0.41-6)
utopic
Released (0.41-5ubuntu0.14.10.1)
pyyaml
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (3.10-2ubuntu0.1)
trusty
Released (3.10-4ubuntu0.1)
upstream Needed

utopic
Released (3.11-1ubuntu0.1)
Patches:

upstream: https://bitbucket.org/xi/pyyaml/commits/ddf211a41bb231c365fece5599b7e484e6dc33fc