SCIENTIFIC-LINUX-ERRATA Archives

January 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: libyaml on SL6.x, SL7.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 28 Jan 2015 18:32:51 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (38 lines) 
Synopsis:          Moderate: libyaml security update
Advisory ID:       SLSA-2015:0100-1
Issue Date:        2015-01-28
CVE Numbers:       CVE-2014-9130
--

An assertion failure was found in the way the libyaml library parsed
wrapped strings. An attacker able to load specially crafted YAML input
into an application using libyaml could cause the application to crash.
(CVE-2014-9130)

All running applications linked against the libyaml library must be
restarted for this update to take effect.
--

SL6
  x86_64
    libyaml-0.1.3-4.el6_6.i686.rpm
    libyaml-0.1.3-4.el6_6.x86_64.rpm
    libyaml-debuginfo-0.1.3-4.el6_6.i686.rpm
    libyaml-debuginfo-0.1.3-4.el6_6.x86_64.rpm
    libyaml-devel-0.1.3-4.el6_6.i686.rpm
    libyaml-devel-0.1.3-4.el6_6.x86_64.rpm
  i386
    libyaml-0.1.3-4.el6_6.i686.rpm
    libyaml-debuginfo-0.1.3-4.el6_6.i686.rpm
    libyaml-devel-0.1.3-4.el6_6.i686.rpm
SL7
  x86_64
    libyaml-0.1.4-11.el7_0.i686.rpm
    libyaml-0.1.4-11.el7_0.x86_64.rpm
    libyaml-debuginfo-0.1.4-11.el7_0.i686.rpm
    libyaml-debuginfo-0.1.4-11.el7_0.x86_64.rpm
    libyaml-devel-0.1.4-11.el7_0.i686.rpm
    libyaml-devel-0.1.4-11.el7_0.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2