[Bug 1276156] [NEW] CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML tags

[John Leach]

*** This bug is a security vulnerability ***

Public security bug reported:

https://bugzilla.redhat.com/show_bug.cgi?id=1033990

"A heap-based buffer overflow flaw was found in the way libyaml parsed
YAML tags. A remote attacker could provide a specially-crafted YAML
document that, when parsed by an application using libyaml, would cause
the application to crash or, potentially, execute arbitrary code with
the privileges of the user running the application."

Fixed in Debian package 0.1.4-2+deb7u2

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737076

That fix has been merged into Trusty already (0.1.4-3ubuntu1) but no
others.

** Affects: libyaml (Ubuntu)
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6393

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libyaml in Ubuntu.
https://bugs.launchpad.net/bugs/1276156

Title:
   CVE-2013-6393 libyaml: heap-based buffer overflow when parsing YAML
  tags

Status in “libyaml” package in Ubuntu:
  New

Bug description:
  https://bugzilla.redhat.com/show_bug.cgi?id=1033990

  "A heap-based buffer overflow flaw was found in the way libyaml parsed
  YAML tags. A remote attacker could provide a specially-crafted YAML
  document that, when parsed by an application using libyaml, would
  cause the application to crash or, potentially, execute arbitrary code
  with the privileges of the user running the application."

  Fixed in Debian package 0.1.4-2+deb7u2

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737076

  That fix has been merged into Trusty already (0.1.4-3ubuntu1) but no
  others.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libyaml/+bug/1276156/+subscriptions