-libyaml (0.1.5-1) UNRELEASED; urgency=medium
+libyaml (0.1.6-1) UNRELEASED; urgency=medium
- * New upstream version 0.1.5.
+ * New upstream version 0.1.6.
+ Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
tags.
+ + Fix CVE-2014-2525: heap-based buffer overflow in
+ yaml_parser_scan_uri_escapes.
* Drop upstreamed patches.
* Run tests at build time.
* Bump Standards-Version to 3.9.5 (no changes needed).
examples. (Closes: #696821)
* Acknowledge NMUs.
- -- Anders Kaseorg <andersk@mit.edu> Sun, 23 Feb 2014 21:48:49 -0500
+ -- Anders Kaseorg <andersk@mit.edu> Mon, 18 Aug 2014 23:58:22 -0400
libyaml (0.1.4-3.2) unstable; urgency=high