New Search

SUSE-SU-2015:0953-2 -- Security update for perl-YAML-LibYAML (moderate)

oval:org.mitre.oval:def:29055

erl-YAML-LibYAML was updated to fix three security issues. These security issues were fixed: - CVE-2013-6393: The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performed an incorrect cast which allowed remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document which triggered a heap-based buffer overflow (bnc#860617 bnc#911782).

Family:
unix
Status:
ACCEPTED
Platform(s):
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Desktop 12
Class:
patch
Reference(s):
  • SUSE-SU-2015:0953-2
  • CVE-2013-6393
  • CVE-2014-9130
  • CVE-2014-2525
Product(s):
  • perl-YAML-LibYAML