]> andersk Git - libyaml.git/blobdiff - debian/changelog
andersk / libyaml.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Imported Debian patch 0.1.4-3.2
[libyaml.git] / debian / changelog
diff --git a/debian/changelog b/debian/changelog
index 89e244d4a2258e27f2bfad358da36bc0e2d255ca..3555978cb9650905f6d5f0a3cbc4a94d58bc998d 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+libyaml (0.1.4-3.2) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Add CVE-2014-2525.patch patch.
+    CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes.
+    The heap overflow is caused by not properly expanding a string before
+    writing to it in function yaml_parser_scan_uri_escapes in scanner.c.
+    (Closes: #742732)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 27 Mar 2014 06:22:25 +0100
+
 libyaml (0.1.4-3.1) unstable; urgency=medium
 
   * Non-maintainer upload.
Fast YAML 1.1 parser and emitter library
This page took 0.06431 seconds and 4 git commands to generate.