[ubuntu/focal-proposed] yaml-cpp 0.6.2-4ubuntu1 (Accepted)
Christopher James Halse Rogers
raof at ubuntu.com
Wed Mar 18 23:49:16 UTC 2020
yaml-cpp (0.6.2-4ubuntu1) focal; urgency=medium
* d/patches/fix-CVE-2017-11692.patch:
- Cherry-pick upstream fix for DoS crash on invalid input.
(Upstream bug: https://github.com/jbeder/yaml-cpp/issues/519)
* d/patches/fix-unbounded-recursion-depth.patch:
- Cherry-pick upstream pull request
(https://github.com/jbeder/yaml-cpp/pull/807) fixing multiple CVEs
(CVE-2017-5950, CVE-2018-20573, CVE-2018-20574, CVE-2019-6285)
Date: Tue, 17 Mar 2020 18:03:25 +1100
Changed-By: Christopher James Halse Rogers <raof at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/yaml-cpp/0.6.2-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 17 Mar 2020 18:03:25 +1100
Source: yaml-cpp
Architecture: source
Version: 0.6.2-4ubuntu1
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christopher James Halse Rogers <raof at ubuntu.com>
Changes:
yaml-cpp (0.6.2-4ubuntu1) focal; urgency=medium
.
* d/patches/fix-CVE-2017-11692.patch:
- Cherry-pick upstream fix for DoS crash on invalid input.
(Upstream bug: https://github.com/jbeder/yaml-cpp/issues/519)
* d/patches/fix-unbounded-recursion-depth.patch:
- Cherry-pick upstream pull request
(https://github.com/jbeder/yaml-cpp/pull/807) fixing multiple CVEs
(CVE-2017-5950, CVE-2018-20573, CVE-2018-20574, CVE-2019-6285)
Checksums-Sha1:
a50358dc8f300d36c75e76e5f3b3c6b08ea894f5 2039 yaml-cpp_0.6.2-4ubuntu1.dsc
5fc8e6ff0bbbc2ccda5875fcbdb8eed77a9b5bef 11436 yaml-cpp_0.6.2-4ubuntu1.debian.tar.xz
343daba3902a06b03584c65743eabeeb2765758c 7536 yaml-cpp_0.6.2-4ubuntu1_source.buildinfo
Checksums-Sha256:
956826d6440ef397818199a8e96eee0108fc937ad0666604f489a2eec11e0be1 2039 yaml-cpp_0.6.2-4ubuntu1.dsc
f59dd2ab1513e0a5b677ee079d59075dda1b99fc26ec6ed0e8076a81a464ca6c 11436 yaml-cpp_0.6.2-4ubuntu1.debian.tar.xz
44f531b127ebf929114a22707a02ce7985bbc562dfe5f50ab4c9bd250bfbca24 7536 yaml-cpp_0.6.2-4ubuntu1_source.buildinfo
Files:
0c87effe7fc44ecaed2c9fff3d2827a2 2039 devel optional yaml-cpp_0.6.2-4ubuntu1.dsc
2fe568ed9ec3f13f30163c59d4682685 11436 devel optional yaml-cpp_0.6.2-4ubuntu1.debian.tar.xz
d91f6e7d924f6e00283a219be00ee1eb 7536 devel optional yaml-cpp_0.6.2-4ubuntu1_source.buildinfo
Original-Maintainer: Simon Quigley <tsimonq2 at debian.org>
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCgAuFiEE9KDn+VDzYvpbcZxI1NtKn10ETxoFAl5wdrUQHHJhb2ZAdWJ1
bnR1LmNvbQAKCRDU20qfXQRPGib0EACB2esZFK7MG6CE0ybwuN/gF1liP0CMXMdN
hkKvz3ezWaI9HP3fFkcYe3kWEMndZI75GCUJIsGJdJynEzQyrTX+g+xI0FR2i2LT
JQWX5T0Wbc6n9vx6KTDfpzponK/eEmyFI94A48P9Bbd2IzfSI+JgBLzZmYLuxaTJ
rxG8aur2q6sX1vgPe0EpoiS+k40IItudr6l14HE4N4AkIafQTQmEdBD+NN9eNRbZ
ukLVJynG/c59HTtrHkoUY8uEdq6Kw0w6Jr/wEUaXwWSwSpErnEPLS2bRsdSfX3bi
/X3E7r1BzRYL/YFvTo8viEHu0zbA8osHhaVm0eAyW5PTVL+X1Wx0uYExoU/b4/3W
zs+ykTJ0xzBDhD0/o6PXWlpJoatrVesXKFcT4Zi2e6IZOq6Gx5CL1TvX5+Kz7aDg
QqrY4+9TLcofXagtawOWNbezc/xaUP0w2+oBXPmlExBktll7dVyWKPMUqLJ0RYKB
OGn1jPtmkhunbrhi4dfyljjmMWmcB/Hp9gd/UOCWE7h8OoApumBrI8o13GdLEAEG
XmyC6cYGD/tM6jmdUGy6OBcT3qTkM1oTKg25cPcP46vuxt6ECWM/REmvEREjnYv+
MnK0o6gTuiojqZ1D+sdv3o3Nm1nKlres79M6yeUE0ZBiHXAbO2sswmudrpZ3avyP
hwoXzYZEKw==
=Z/TT
-----END PGP SIGNATURE-----
More information about the Focal-changes
mailing list