[ubuntu/jammy-updates] snakeyaml 1.29-1ubuntu0.22.04.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Mar 9 22:28:15 UTC 2023
snakeyaml (1.29-1ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service due to stack overflow
- debian/patches/CVE-2022-25857.patch: Restrict nested depth for
collections to avoid DoS attacks.
- CVE-2022-25857
- CVE-2022-38749
* SECURITY UPDATE: Denial of service due to stack overflow
- debian/patches/CVE-2022-38750.patch: Adds test for upstream issue 526.
- CVE-2022-38750
* SECURITY UPDATE: Denial of service due to stack overflow
- debian/patches/CVE-2022-38751.patch: Add resolver limits to avoid DoS
attacks.
- CVE-2022-38751
Date: 2023-03-09 19:33:12.331802+00:00
Changed-By: Fabian Toepfer <fabian.toepfer at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/snakeyaml/1.29-1ubuntu0.22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list