[Bug 1279805] Re: regression in CVE-2013-6393 patch
Launchpad Bug Tracker
1279805 at bugs.launchpad.net
Thu Feb 13 15:24:16 UTC 2014
This bug was fixed in the package libyaml - 0.1.4-2ubuntu0.12.10.2
---------------
libyaml (0.1.4-2ubuntu0.12.10.2) quantal-security; urgency=medium
* SECURITY REGRESSION: parsing regression in security update
(LP: #1279805)
- debian/patches/CVE-2013-6393.patch: updated to use upstream commits
from 0.1.5.
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Thu, 13 Feb 2014 08:39:51 -0500
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libyaml in Ubuntu.
https://bugs.launchpad.net/bugs/1279805
Title:
regression in CVE-2013-6393 patch
Status in “libyaml” package in Ubuntu:
New
Status in “libyaml” source package in Precise:
Fix Released
Status in “libyaml” source package in Quantal:
Fix Released
Status in “libyaml” source package in Saucy:
Fix Released
Status in “libyaml” source package in Trusty:
New
Status in “libyaml” package in Debian:
Fix Committed
Bug description:
A regression has been reported in the patch used to fix CVE-2013-6393
in USN-2098-1:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738587
https://bugzilla.redhat.com/show_bug.cgi?id=1033990
Upstream has used slightly different fixes in 0.1.5.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libyaml/+bug/1279805/+subscriptions
More information about the foundations-bugs
mailing list