[ubuntu/questing-security] libyang 3.13.5-2ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Jun 30 11:44:50 UTC 2026


libyang (3.13.5-2ubuntu0.1) questing-security; urgency=medium

  * SECURITY UPDATE: heap use-after-free write in lyd_parser_set_data_flags
    - debian/patches/CVE-2026-41401.patch: parser common BUGFIX invalid metadata
      removal in src/parser_common.c,
      tests/fuzz/corpus/lyd_parse_mem_xml/advisory2026_03_26.
    - CVE-2026-41401

Date: 2026-06-16 17:29:12.755803+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libyang/3.13.5-2ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Questing-changes mailing list