[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 127-1] pyyaml security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : pyyaml
Version        : 3.09-5+deb6u1
CVE ID         : CVE-2014-9130
Debian Bug     : 772815

Jonathan Gray and Stanislaw Pitucha found an assertion failure in the
way wrapped strings are parsed in Python-YAML, a YAML parser and emitter
for Python. An attacker able to load specially crafted YAML input into an
application using python-yaml could cause the application to crash.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUqC/SXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH+/kP/jA2r77ueXzuv5C1yTnR9Av1
7sZJ2kvj1JLr3R066pZ+oZ3eFzg14eE0LCI0Qh0crTarajHqVeu0gVEgEeSFAv3p
wmgrXaJ44YUujLukp5+Kk1lyhFMPMim0V8Y1Vur08UURwxlR5V1Fgf0ygtZypsrT
Jaxlh8niEp8RryjQfg95BA+Qfx5bgUI3t64fwriWJwi/8DZ3UsjFQYSOTpOWzae6
Y2UQ69+5yjWJXHX9EugeZjNe/Ru4U8yWCP7sE9cOdtlD+i7vrM3IoyrCgpVYNnF7
nYECMlDA/d8A+qZYvYIr92q89WZASSjTtQNlAE+IoAA6s7tb8mm8NCpR2Fix61Aq
RwP/iejWtdI2IAOAHcmJ+8tHABLInmlno/njW9wxv5fkh3DPhQQl2w6IsY0ijTJP
pNKDlQwMxVPF7/Yv7zXTktSduuvqZ4Xffszw5rGmiQJe4A1l7USnMZS8iueUJ1VB
VdcP4o5BRox8GSsFymGzMo3gnu7sSAg1T7/ksSSQvQ2mKaNHIyOqShsTKLcA+1Ai
Y7JEd+KIPhwFGqrveEHdE2y3JrOOvJnB5uXC6tRT9+CHijGqYCEx822uTiaOzze+
kJLeUvEhxUCPvAx2hgYmlc49/79uxswCMUtZ3dIvUFB42AwQ/dnJPT2ee5462vrX
BSGMPlN4+FhvJqmZLdNO
=lfDu
-----END PGP SIGNATURE-----


Reply to: