[Bug 1279805] Re: regression in CVE-2013-6393 patch

Sun Oct 22 05:42:45 UTC 2017

https://usn.ubuntu.com/usn/usn-2098-2/

** Tags added: regression-update

** No longer affects: libyaml (Ubuntu Trusty)

** Changed in: libyaml (Ubuntu)
   Importance: Undecided => Critical

** Changed in: libyaml (Ubuntu Precise)
   Importance: Undecided => Critical

** Changed in: libyaml (Ubuntu Quantal)
   Importance: Undecided => Critical

** Changed in: libyaml (Ubuntu Saucy)
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libyaml in Ubuntu.
https://bugs.launchpad.net/bugs/1279805

Title:
  regression in CVE-2013-6393 patch

Status in libyaml package in Ubuntu:
  Fix Released
Status in libyaml source package in Precise:
  Fix Released
Status in libyaml source package in Quantal:
  Fix Released
Status in libyaml source package in Saucy:
  Fix Released
Status in libyaml package in Debian:
  Fix Released

Bug description:
  A regression has been reported in the patch used to fix CVE-2013-6393
  in USN-2098-1:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738587
  https://bugzilla.redhat.com/show_bug.cgi?id=1033990

  Upstream has used slightly different fixes in 0.1.5.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libyaml/+bug/1279805/+subscriptions