[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Ján Rusnačkochanged: What|Removed |Added Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=notaffected,rhel-7/ |libyaml=affected,rhel-7/lib |libyaml=notaffected,rhscl-1 |yaml=notaffected,rhscl-1/ru |/ruby193-libyaml=affected,r |by193-libyaml=affected,rhsc |hscl-1/libyaml=affected,fed |l-1/libyaml=affected,fedora |ora-all/libyaml=affected,ep |-all/libyaml=affected,epel- |el-all/libyaml=affected,mrg |all/libyaml=affected,mrg-1/ |-1/libyaml=wontfix,mrg-2/li |libyaml=wontfix,mrg-2/libya |byaml=wontfix,rhn_satellite |ml=wontfix,rhn_satellite_5. |_5.3/libyaml=wontfix,rhn_sa |3/libyaml=wontfix,rhn_satel |tellite_5.4/libyaml=wontfix |lite_5.4/libyaml=wontfix,rh |,rhn_satellite_5.5/libyaml= |n_satellite_5.5/libyaml=won |wontfix,rhn_satellite_5.6/l |tfix,rhn_satellite_5.6/liby |ibyaml=wontfix,rhn_satellit |aml=wontfix,rhn_satellite_6 |e_6/libyaml=affected,rhn_sa |/libyaml=affected,rhn_satel |tellite_6/ruby193-libyaml=a |lite_6/ruby193-libyaml=affe |ffected,rhui-2/libyaml=wont |cted,rhui-2/libyaml=wontfix |fix,sam-1/libyaml=wontfix,c |,sam-1/libyaml=wontfix,cfme |fme-5/mingw-libyaml=wontfix |-5/mingw-libyaml=wontfix,cf |,cfme-5/ruby193-libyaml=won |me-5/ruby193-libyaml=wontfi |tfix,openstack-3/libyaml=af |x,openstack-3/libyaml=affec |fected,openstack-3/ruby193- |ted,openstack-3/ruby193-lib |libyaml=affected,openstack- |yaml=affected,openstack-4/l |4/libyaml=affected,openshif |ibyaml=affected,openshift-e |t-enterprise-1/ruby193-liby |nterprise-1/ruby193-libyaml |aml=wontfix,openshift-1/rub |=wontfix,openshift-1/ruby19 |y193-libyaml=affected,fedor |3-libyaml=affected,fedora-a |a-all/perl-YAML-LibYAML=aff |ll/perl-YAML-LibYAML=affect |ected,epel-6/perl-YAML-LibY |ed,epel-6/perl-YAML-LibYAML |AML=affected,cwe=CWE-122|=affected,cwe=CWE-122 -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/perl-devel@lists.fedoraproject.org
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Vincent Danenchanged: What|Removed |Added Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=affected,rhel-7/lib |libyaml=notaffected,rhel-7/ |yaml=notaffected,rhscl-1/ru |libyaml=notaffected,rhscl-1 |by193-libyaml=affected,rhsc |/ruby193-libyaml=affected,r |l-1/libyaml=affected,fedora |hscl-1/libyaml=affected,fed |-all/libyaml=affected,epel- |ora-all/libyaml=affected,ep |all/libyaml=affected,mrg-1/ |el-all/libyaml=affected,mrg |libyaml=wontfix,mrg-2/libya |-1/libyaml=wontfix,mrg-2/li |ml=wontfix,rhn_satellite_5. |byaml=wontfix,rhn_satellite |3/libyaml=wontfix,rhn_satel |_5.3/libyaml=wontfix,rhn_sa |lite_5.4/libyaml=wontfix,rh |tellite_5.4/libyaml=wontfix |n_satellite_5.5/libyaml=won |,rhn_satellite_5.5/libyaml= |tfix,rhn_satellite_5.6/liby |wontfix,rhn_satellite_5.6/l |aml=wontfix,rhn_satellite_6 |ibyaml=wontfix,rhn_satellit |/libyaml=affected,rhn_satel |e_6/libyaml=affected,rhn_sa |lite_6/ruby193-libyaml=affe |tellite_6/ruby193-libyaml=a |cted,rhui-2/libyaml=wontfix |ffected,rhui-2/libyaml=wont |,sam-1/libyaml=wontfix,cfme |fix,sam-1/libyaml=wontfix,c |-5/mingw-libyaml=wontfix,cf |fme-5/mingw-libyaml=wontfix |me-5/ruby193-libyaml=wontfi |,cfme-5/ruby193-libyaml=won |x,openstack-3/libyaml=affec |tfix,openstack-3/libyaml=af |ted,openstack-3/ruby193-lib |fected,openstack-3/ruby193- |yaml=affected,openstack-4/l |libyaml=affected,openstack- |ibyaml=affected,openshift-e |4/libyaml=affected,openshif |nterprise-1/ruby193-libyaml |t-enterprise-1/ruby193-liby |=wontfix,openshift-1/ruby19 |aml=wontfix,openshift-1/rub |3-libyaml=affected,fedora-a |y193-libyaml=affected,fedor |ll/perl-YAML-LibYAML=affect |a-all/perl-YAML-LibYAML=aff |ed,epel-6/perl-YAML-LibYAML |ected,epel-6/perl-YAML-LibY |=affected,cwe=CWE-122 |AML=affected,cwe=CWE-122 -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Vincent Danenchanged: What|Removed |Added Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib |yaml=affected,rhscl-1/ruby1 |yaml=notaffected,rhscl-1/ru |93-libyaml=affected,rhscl-1 |by193-libyaml=affected,rhsc |/libyaml=affected,fedora-al |l-1/libyaml=affected,fedora |l/libyaml=affected,epel-all |-all/libyaml=affected,epel- |/libyaml=affected,mrg-1/lib |all/libyaml=affected,mrg-1/ |yaml=wontfix,mrg-2/libyaml= |libyaml=wontfix,mrg-2/libya |wontfix,rhn_satellite_5.3/l |ml=wontfix,rhn_satellite_5. |ibyaml=wontfix,rhn_satellit |3/libyaml=wontfix,rhn_satel |e_5.4/libyaml=wontfix,rhn_s |lite_5.4/libyaml=wontfix,rh |atellite_5.5/libyaml=wontfi |n_satellite_5.5/libyaml=won |x,rhn_satellite_5.6/libyaml |tfix,rhn_satellite_5.6/liby |=wontfix,rhn_satellite_6/li |aml=wontfix,rhn_satellite_6 |byaml=affected,rhn_satellit |/libyaml=affected,rhn_satel |e_6/ruby193-libyaml=affecte |lite_6/ruby193-libyaml=affe |d,rhui-2/libyaml=wontfix,sa |cted,rhui-2/libyaml=wontfix |m-1/libyaml=wontfix,cfme-5/ |,sam-1/libyaml=wontfix,cfme |mingw-libyaml=wontfix,cfme- |-5/mingw-libyaml=wontfix,cf |5/ruby193-libyaml=wontfix,o |me-5/ruby193-libyaml=wontfi |penstack-3/libyaml=affected |x,openstack-3/libyaml=affec |,openstack-3/ruby193-libyam |ted,openstack-3/ruby193-lib |l=affected,openstack-4/liby |yaml=affected,openstack-4/l |aml=affected,openshift-ente |ibyaml=affected,openshift-e |rprise-1/ruby193-libyaml=wo |nterprise-1/ruby193-libyaml |ntfix,openshift-1/ruby193-l |=wontfix,openshift-1/ruby19 |ibyaml=affected,fedora-all/ |3-libyaml=affected,fedora-a |perl-YAML-LibYAML=affected, |ll/perl-YAML-LibYAML=affect |epel-6/perl-YAML-LibYAML=af |ed,epel-6/perl-YAML-LibYAML |fected,cwe=CWE-122 |=affected,cwe=CWE-122 -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Ján Rusnačko jrusn...@redhat.com changed: What|Removed |Added CC||jrusn...@redhat.com Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib |yaml=affected,rhscl-1/ruby1 |yaml=affected,rhscl-1/ruby1 |93-libyaml=affected,rhscl-1 |93-libyaml=affected,rhscl-1 |/libyaml=affected,fedora-al |/libyaml=affected,fedora-al |l/libyaml=affected,epel-all |l/libyaml=affected,epel-all |/libyaml=affected,mrg-1/lib |/libyaml=affected,mrg-1/lib |yaml=wontfix,mrg-2/libyaml= |yaml=wontfix,mrg-2/libyaml= |wontfix,rhn_satellite_5.3/l |wontfix,rhn_satellite_5.3/l |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit |e_5.4/libyaml=wontfix,rhn_s |e_5.4/libyaml=wontfix,rhn_s |atellite_5.5/libyaml=wontfi |atellite_5.5/libyaml=wontfi |x,rhn_satellite_5.6/libyaml |x,rhn_satellite_5.6/libyaml |=wontfix,rhn_satellite_6/li |=wontfix,rhn_satellite_6/li |byaml=affected,rhn_satellit |byaml=affected,rhn_satellit |e_6/ruby193-libyaml=affecte |e_6/ruby193-libyaml=affecte |d,rhui-2/libyaml=wontfix,sa |d,rhui-2/libyaml=wontfix,sa |m-1/libyaml=wontfix,cfme-5/ |m-1/libyaml=wontfix,cfme-5/ |mingw-libyaml=wontfix,cfme- |mingw-libyaml=wontfix,cfme- |5/ruby193-libyaml=wontfix,o |5/ruby193-libyaml=wontfix,o |penstack-3/libyaml=affected |penstack-3/libyaml=affected |,openstack-3/ruby193-libyam |,openstack-3/ruby193-libyam |l=affected,openstack-4/liby |l=affected,openstack-4/liby |aml=affected,openshift-ente |aml=affected,openshift-ente |rprise-1/ruby193-libyaml=wo |rprise-1/ruby193-libyaml=wo |ntfix,openshift-1/ruby193-l |ntfix,openshift-1/ruby193-l |ibyaml=affected,fedora-all/ |ibyaml=affected,fedora-all/ |perl-YAML-LibYAML=affected, |perl-YAML-LibYAML=affected, |epel-6/perl-YAML-LibYAML=af |epel-6/perl-YAML-LibYAML=af |fected |fected,cwe=CWE-122 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Mh3fb1Q7Yza=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Marianne Feifer mfei...@redhat.com changed: What|Removed |Added CC|mfei...@redhat.com | Kurt Seifried kseifr...@redhat.com changed: What|Removed |Added Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib |yaml=affected,rhscl-1/ruby1 |yaml=affected,rhscl-1/ruby1 |93-libyaml=affected,rhscl-1 |93-libyaml=affected,rhscl-1 |/libyaml=affected,fedora-al |/libyaml=affected,fedora-al |l/libyaml=affected,epel-all |l/libyaml=affected,epel-all |/libyaml=affected,mrg-1/lib |/libyaml=affected,mrg-1/lib |yaml=wontfix,mrg-2/libyaml= |yaml=wontfix,mrg-2/libyaml= |wontfix,rhn_satellite_5.3/l |wontfix,rhn_satellite_5.3/l |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit |e_5.4/libyaml=wontfix,rhn_s |e_5.4/libyaml=wontfix,rhn_s |atellite_5.5/libyaml=wontfi |atellite_5.5/libyaml=wontfi |x,rhn_satellite_5.6/libyaml |x,rhn_satellite_5.6/libyaml |=wontfix,rhn_satellite_6/li |=wontfix,rhn_satellite_6/li |byaml=affected,rhn_satellit |byaml=affected,rhn_satellit |e_6/ruby193-libyaml=affecte |e_6/ruby193-libyaml=affecte |d,rhui-2/libyaml=wontfix,sa |d,rhui-2/libyaml=wontfix,sa |m-1/libyaml=defer,cfme-5/mi |m-1/libyaml=wontfix,cfme-5/ |ngw-libyaml=wontfix,cfme-5/ |mingw-libyaml=wontfix,cfme- |ruby193-libyaml=wontfix,ope |5/ruby193-libyaml=wontfix,o |nstack-3/libyaml=affected,o |penstack-3/libyaml=affected |penstack-3/ruby193-libyaml= |,openstack-3/ruby193-libyam |affected,openstack-4/libyam |l=affected,openstack-4/liby |l=affected,openshift-enterp |aml=affected,openshift-ente |rise-1/ruby193-libyaml=wont |rprise-1/ruby193-libyaml=wo |fix,openshift-1/ruby193-lib |ntfix,openshift-1/ruby193-l |yaml=affected,fedora-all/pe |ibyaml=affected,fedora-all/ |rl-YAML-LibYAML=affected,ep |perl-YAML-LibYAML=affected, |el-6/perl-YAML-LibYAML=affe |epel-6/perl-YAML-LibYAML=af |cted|fected -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=kVuvE4zKTla=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Tomas Hoger tho...@redhat.com changed: What|Removed |Added Status|NEW |CLOSED Resolution|--- |ERRATA Last Closed||2014-11-06 04:43:46 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=gDUw2Lq9S9a=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Kurt Seifried kseifr...@redhat.com changed: What|Removed |Added Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib |yaml=affected,rhscl-1/ruby1 |yaml=affected,rhscl-1/ruby1 |93-libyaml=affected,rhscl-1 |93-libyaml=affected,rhscl-1 |/libyaml=affected,fedora-al |/libyaml=affected,fedora-al |l/libyaml=affected,epel-all |l/libyaml=affected,epel-all |/libyaml=affected,mrg-1/lib |/libyaml=affected,mrg-1/lib |yaml=wontfix,mrg-2/libyaml= |yaml=wontfix,mrg-2/libyaml= |wontfix,rhn_satellite_5.3/l |wontfix,rhn_satellite_5.3/l |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit |e_5.4/libyaml=wontfix,rhn_s |e_5.4/libyaml=wontfix,rhn_s |atellite_5.5/libyaml=wontfi |atellite_5.5/libyaml=wontfi |x,rhn_satellite_5.6/libyaml |x,rhn_satellite_5.6/libyaml |=wontfix,rhn_satellite_6/li |=wontfix,rhn_satellite_6/li |byaml=affected,rhn_satellit |byaml=affected,rhn_satellit |e_6/ruby193-libyaml=affecte |e_6/ruby193-libyaml=affecte |d,rhui-2/libyaml=defer,sam- |d,rhui-2/libyaml=wontfix,sa |1/libyaml=defer,cfme-5/ming |m-1/libyaml=defer,cfme-5/mi |w-libyaml=wontfix,cfme-5/ru |ngw-libyaml=wontfix,cfme-5/ |by193-libyaml=wontfix,opens |ruby193-libyaml=wontfix,ope |tack-3/libyaml=affected,ope |nstack-3/libyaml=affected,o |nstack-3/ruby193-libyaml=af |penstack-3/ruby193-libyaml= |fected,openstack-4/libyaml= |affected,openstack-4/libyam |affected,openshift-enterpri |l=affected,openshift-enterp |se-1/ruby193-libyaml=wontfi |rise-1/ruby193-libyaml=wont |x,openshift-1/ruby193-libya |fix,openshift-1/ruby193-lib |ml=affected,fedora-all/perl |yaml=affected,fedora-all/pe |-YAML-LibYAML=affected,epel |rl-YAML-LibYAML=affected,ep |-6/perl-YAML-LibYAML=affect |el-6/perl-YAML-LibYAML=affe |ed |cted --- Comment #51 from Kurt Seifried kseifr...@redhat.com --- Red Hat Update Infrastructure 2.1.3 is now in Production 2 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Update Infrastructure Life Cycle: https://access.redhat.com/support/policy/updates/rhui. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=9F2glZh4Vla=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #50 from errata-xmlrpc errata-xml...@redhat.com --- This issue has been addressed in following products: Red Hat Common for RHEL 6 Via RHSA-2014:0415 https://rhn.redhat.com/errata/RHSA-2014-0415.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ZQ63CU7QKia=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Bug 1033990 depends on bug 1081386, which changed state. Bug 1081386 Summary: CVE-2013-6393 perl-YAML-LibYAML: libyaml: heap-based buffer overflow when parsing YAML tags [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1081386 What|Removed |Added Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Iq9jiErKDFa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #49 from Fedora Update System upda...@fedoraproject.org --- perl-YAML-LibYAML-0.38-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=MuXYnIYI6ua=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Bug 1033990 depends on bug 1081385, which changed state. Bug 1081385 Summary: CVE-2013-6393 perl-YAML-LibYAML: libyaml: heap-based buffer overflow when parsing YAML tags [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1081385 What|Removed |Added Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=alxI8zPKtYa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #47 from Fedora Update System upda...@fedoraproject.org --- perl-YAML-LibYAML-0.41-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=UYdA9XkMmta=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #48 from Fedora Update System upda...@fedoraproject.org --- perl-YAML-LibYAML-0.41-4.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=63NUptudqEa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #46 from errata-xmlrpc errata-xml...@redhat.com --- This issue has been addressed in following products: OpenStack 3 for RHEL 6 Via RHSA-2014:0364 https://rhn.redhat.com/errata/RHSA-2014-0364.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=xKSdrzknuIa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Tomas Hoger tho...@redhat.com changed: What|Removed |Added Depends On||1083711 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=gd1S0ubBxTa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Tomas Hoger tho...@redhat.com changed: What|Removed |Added Depends On||1083710 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=TuPR31DRiKa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #43 from errata-xmlrpc errata-xml...@redhat.com --- This issue has been addressed in following products: Red Hat Software Collections for RHEL-6 Via RHSA-2014:0355 https://rhn.redhat.com/errata/RHSA-2014-0355.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=CfcGx4Y7Aea=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #44 from errata-xmlrpc errata-xml...@redhat.com --- This issue has been addressed in following products: OpenStack 4 for RHEL 6 Via RHSA-2014:0354 https://rhn.redhat.com/errata/RHSA-2014-0354.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=cBcnphxGxla=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 --- Comment #45 from errata-xmlrpc errata-xml...@redhat.com --- This issue has been addressed in following products: OpenStack 3 for RHEL 6 Via RHSA-2014:0353 https://rhn.redhat.com/errata/RHSA-2014-0353.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=uE2RNjzezAa=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Tomas Hoger tho...@redhat.com changed: What|Removed |Added Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |0127,reported=20131122,sour |0127,reported=20131122,sour |ce=redhat,cvss2=4.3/AV:A/AC |ce=redhat,cvss2=4.3/AV:A/AC |:H/Au:N/C:P/I:P/A:P,rhel-6/ |:H/Au:N/C:P/I:P/A:P,rhel-6/ |libyaml=affected,rhel-7/lib |libyaml=affected,rhel-7/lib |yaml=affected,rhscl-1/libya |yaml=affected,rhscl-1/ruby1 |ml=affected,fedora-all/liby |93-libyaml=affected,rhscl-1 |aml=affected,epel-all/libya |/libyaml=affected,fedora-al |ml=affected,mrg-1/libyaml=w |l/libyaml=affected,epel-all |ontfix,mrg-2/libyaml=wontfi |/libyaml=affected,mrg-1/lib |x,rhn_satellite_5.3/libyaml |yaml=wontfix,mrg-2/libyaml= |=wontfix,rhn_satellite_5.4/ |wontfix,rhn_satellite_5.3/l |libyaml=wontfix,rhn_satelli |ibyaml=wontfix,rhn_satellit |te_5.5/libyaml=wontfix,rhn_ |e_5.4/libyaml=wontfix,rhn_s |satellite_5.6/libyaml=wontf |atellite_5.5/libyaml=wontfi |ix,rhn_satellite_6/libyaml= |x,rhn_satellite_5.6/libyaml |affected,rhn_satellite_6/ru |=wontfix,rhn_satellite_6/li |by193-libyaml=affected,rhui |byaml=affected,rhn_satellit |-2/libyaml=defer,sam-1/liby |e_6/ruby193-libyaml=affecte |aml=defer,cfme-5/mingw-liby |d,rhui-2/libyaml=defer,sam- |aml=wontfix,cfme-5/ruby193- |1/libyaml=defer,cfme-5/ming |libyaml=wontfix,openstack-3 |w-libyaml=wontfix,cfme-5/ru |/libyaml=affected,openstack |by193-libyaml=wontfix,opens |-3/ruby193-libyaml=affected |tack-3/libyaml=affected,ope |,openstack-4/libyaml=affect |nstack-3/ruby193-libyaml=af |ed,openshift-enterprise-1/r |fected,openstack-4/libyaml= |uby193-libyaml=wontfix,open |affected,openshift-enterpri |shift-1/ruby193-libyaml=aff |se-1/ruby193-libyaml=wontfi |ected,fedora-all/perl-YAML- |x,openshift-1/ruby193-libya |LibYAML=affected,epel-6/per |ml=affected,fedora-all/perl |l-YAML-LibYAML=affected |-YAML-LibYAML=affected,epel ||-6/perl-YAML-LibYAML=affect ||ed -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WGGM9wXR0ja=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 1033990] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags
https://bugzilla.redhat.com/show_bug.cgi?id=1033990 Murray McAllister mmcal...@redhat.com changed: What|Removed |Added Depends On||1081385 Depends On||1081386 --- Comment #41 from Murray McAllister mmcal...@redhat.com --- Created perl-YAML-LibYAML tracking bugs for this issue: Affects: fedora-all [bug 1081385] Affects: epel-6 [bug 1081386] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1081385 [Bug 1081385] CVE-2013-6393 perl-YAML-LibYAML: libyaml: heap-based buffer overflow when parsing YAML tags [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1081386 [Bug 1081386] CVE-2013-6393 perl-YAML-LibYAML: libyaml: heap-based buffer overflow when parsing YAML tags [epel-6] -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=JaLIZHJJVma=cc_unsubscribe -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel