[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags

bugzilla at redhat.com bugzilla at redhat.com
Thu Oct 15 18:06:33 UTC 2015


https://bugzilla.redhat.com/show_bug.cgi?id=1033990

Vincent Danen <vdanen at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014
                   |0127,reported=20131122,sour |0127,reported=20131122,sour
                   |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC
                   |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/
                   |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib
                   |yaml=affected,rhscl-1/ruby1 |yaml=notaffected,rhscl-1/ru
                   |93-libyaml=affected,rhscl-1 |by193-libyaml=affected,rhsc
                   |/libyaml=affected,fedora-al |l-1/libyaml=affected,fedora
                   |l/libyaml=affected,epel-all |-all/libyaml=affected,epel-
                   |/libyaml=affected,mrg-1/lib |all/libyaml=affected,mrg-1/
                   |yaml=wontfix,mrg-2/libyaml= |libyaml=wontfix,mrg-2/libya
                   |wontfix,rhn_satellite_5.3/l |ml=wontfix,rhn_satellite_5.
                   |ibyaml=wontfix,rhn_satellit |3/libyaml=wontfix,rhn_satel
                   |e_5.4/libyaml=wontfix,rhn_s |lite_5.4/libyaml=wontfix,rh
                   |atellite_5.5/libyaml=wontfi |n_satellite_5.5/libyaml=won
                   |x,rhn_satellite_5.6/libyaml |tfix,rhn_satellite_5.6/liby
                   |=wontfix,rhn_satellite_6/li |aml=wontfix,rhn_satellite_6
                   |byaml=affected,rhn_satellit |/libyaml=affected,rhn_satel
                   |e_6/ruby193-libyaml=affecte |lite_6/ruby193-libyaml=affe
                   |d,rhui-2/libyaml=wontfix,sa |cted,rhui-2/libyaml=wontfix
                   |m-1/libyaml=wontfix,cfme-5/ |,sam-1/libyaml=wontfix,cfme
                   |mingw-libyaml=wontfix,cfme- |-5/mingw-libyaml=wontfix,cf
                   |5/ruby193-libyaml=wontfix,o |me-5/ruby193-libyaml=wontfi
                   |penstack-3/libyaml=affected |x,openstack-3/libyaml=affec
                   |,openstack-3/ruby193-libyam |ted,openstack-3/ruby193-lib
                   |l=affected,openstack-4/liby |yaml=affected,openstack-4/l
                   |aml=affected,openshift-ente |ibyaml=affected,openshift-e
                   |rprise-1/ruby193-libyaml=wo |nterprise-1/ruby193-libyaml
                   |ntfix,openshift-1/ruby193-l |=wontfix,openshift-1/ruby19
                   |ibyaml=affected,fedora-all/ |3-libyaml=affected,fedora-a
                   |perl-YAML-LibYAML=affected, |ll/perl-YAML-LibYAML=affect
                   |epel-6/perl-YAML-LibYAML=af |ed,epel-6/perl-YAML-LibYAML
                   |fected,cwe=CWE-122          |=affected,cwe=CWE-122



-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the perl-devel mailing list