[SECURITY] Fedora 32 Update: PyYAML-5.4.1-1.fc32

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-eed7193502 2021-01-30 01:42:12.132316 -------------------------------------------------------------------------------- Name : PyYAML Product : Fedora 32 Version : 5.4.1 Release : 1.fc32 URL : https://github.com/yaml/pyyaml Summary : YAML parser and emitter for Python Description : YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML supports standard YAML tags and provides Python-specific tags that allow to represent an arbitrary Python object. PyYAML is applicable for a broad range of tasks from complex configuration files to object serialization and persistence. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2020-14343 -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 21 2021 John Eckersberg <jeckersb(a)redhat.com&gt; - 5.4.1-1 - New upstream release 5.4.1 (rhbz#1918523) * Wed Jan 20 2021 John Eckersberg <jeckersb(a)redhat.com&gt; - 5.4-1 - New upstream release 5.4 - Fixes CVE-2020-14343 * Fri Jan 15 2021 John Eckersberg <jeckersb(a)redhat.com&gt; - 5.4-0.1.b2 - New upstream beta release 5.4b2 (rhbz#1916496) * Thu Jan 14 2021 John Eckersberg <jeckersb(a)redhat.com&gt; - 5.4-0.1.b1 - New upstream beta release 5.4b1 (rhbz#1916034) * Mon Nov 23 2020 Miro Hron��ok <mhroncok(a)redhat.com&gt; - 5.3.1-5 - Disable Python 2 build on RHEL 9+ * Mon Jul 27 2020 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 5.3.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri May 22 2020 Miro Hron��ok <mhroncok(a)redhat.com&gt; - 5.3.1-3 - Rebuilt for Python 3.9 * Mon May 18 2020 John Eckersberg <eck(a)redhat.com&gt; - 5.3.1-2 - Fix fedora conditional macro (rhbz#1836656) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1860466 - CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747 https://bugzilla.redhat.com/show_bug.cgi?id=1860466 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-eed7193502' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------