User: Password:
Subscribe / Log in / New account

Mageia alert MGASA-2014-0040 (yaml)

From:  Mageia Updates <>
Subject:  [updates-announce] MGASA-2014-0040: Updated yaml packages fix CVE-2013-6393
Date:  Sat, 8 Feb 2014 20:11:29 +0100
Message-ID:  <>

MGASA-2014-0040 - Updated yaml packages fix CVE-2013-6393 Publication date: 08 Feb 2014 URL: Type: security Affected Mageia releases: 3, 4 CVE: CVE-2013-6393 Description: Updated libyaml packages fix security vulnerabilities: Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-6393). References: - - - SRPMS: - 4/core/yaml-0.1.5-1.mga4 - 3/core/yaml-0.1.5-1.mga3

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds