[ubuntu-cloud-archive/ussuri-proposed] pyyaml (Accepted)
Corey Bryant
corey.bryant at canonical.com
Fri May 28 12:37:59 UTC 2021
pyyaml (5.3.1-1ubuntu0.1~cloud0) bionic-ussuri; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
pyyaml (5.3.1-1ubuntu0.1) focal-security; urgency=medium
.
* SECURITY UPDATE: FullLoader arbitrary code execution
- debian/patches/CVE-2020-14343.patch: move a few constructors from
full_load to unsafe_load in lib/yaml/constructor.py,
lib3/yaml/constructor.py, tests/lib/test_recursive.py,
tests/lib3/test_recursive.py.
- CVE-2020-14343
Date: Mon, 10 May 2021 14:36:34 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>
More information about the Cloud-archive-changes
mailing list