[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags

bugzilla at redhat.com bugzilla at redhat.com
Thu Oct 15 21:37:11 UTC 2015 

https://bugzilla.redhat.com/show_bug.cgi?id=1033990

Vincent Danen <vdanen at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014
                   |0127,reported=20131122,sour |0127,reported=20131122,sour
                   |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC
                   |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/
                   |libyaml=affected,rhel-7/lib |libyaml=notaffected,rhel-7/
                   |yaml=notaffected,rhscl-1/ru |libyaml=notaffected,rhscl-1
                   |by193-libyaml=affected,rhsc |/ruby193-libyaml=affected,r
                   |l-1/libyaml=affected,fedora |hscl-1/libyaml=affected,fed
                   |-all/libyaml=affected,epel- |ora-all/libyaml=affected,ep
                   |all/libyaml=affected,mrg-1/ |el-all/libyaml=affected,mrg
                   |libyaml=wontfix,mrg-2/libya |-1/libyaml=wontfix,mrg-2/li
                   |ml=wontfix,rhn_satellite_5. |byaml=wontfix,rhn_satellite
                   |3/libyaml=wontfix,rhn_satel |_5.3/libyaml=wontfix,rhn_sa
                   |lite_5.4/libyaml=wontfix,rh |tellite_5.4/libyaml=wontfix
                   |n_satellite_5.5/libyaml=won |,rhn_satellite_5.5/libyaml=
                   |tfix,rhn_satellite_5.6/liby |wontfix,rhn_satellite_5.6/l
                   |aml=wontfix,rhn_satellite_6 |ibyaml=wontfix,rhn_satellit
                   |/libyaml=affected,rhn_satel |e_6/libyaml=affected,rhn_sa
                   |lite_6/ruby193-libyaml=affe |tellite_6/ruby193-libyaml=a
                   |cted,rhui-2/libyaml=wontfix |ffected,rhui-2/libyaml=wont
                   |,sam-1/libyaml=wontfix,cfme |fix,sam-1/libyaml=wontfix,c
                   |-5/mingw-libyaml=wontfix,cf |fme-5/mingw-libyaml=wontfix
                   |me-5/ruby193-libyaml=wontfi |,cfme-5/ruby193-libyaml=won
                   |x,openstack-3/libyaml=affec |tfix,openstack-3/libyaml=af
                   |ted,openstack-3/ruby193-lib |fected,openstack-3/ruby193-
                   |yaml=affected,openstack-4/l |libyaml=affected,openstack-
                   |ibyaml=affected,openshift-e |4/libyaml=affected,openshif
                   |nterprise-1/ruby193-libyaml |t-enterprise-1/ruby193-liby
                   |=wontfix,openshift-1/ruby19 |aml=wontfix,openshift-1/rub
                   |3-libyaml=affected,fedora-a |y193-libyaml=affected,fedor
                   |ll/perl-YAML-LibYAML=affect |a-all/perl-YAML-LibYAML=aff
                   |ed,epel-6/perl-YAML-LibYAML |ected,epel-6/perl-YAML-LibY
                   |=affected,cwe=CWE-122       |AML=affected,cwe=CWE-122



-- 
You are receiving this mail because:
You are on the CC list for the bug.

More information about the perl-devel mailing list