Fix CVE-2014-9130 assertion failure caused by wrapped strings
authorAnders Kaseorg <andersk@mit.edu>
Sat, 29 Nov 2014 02:15:51 +0000 (21:15 -0500)
committerAnders Kaseorg <andersk@mit.edu>
Sat, 29 Nov 2014 03:04:39 +0000 (22:04 -0500)
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
debian/changelog
debian/patches/CVE-2014-9130.patch [new file with mode: 0644]
debian/patches/series [new file with mode: 0644]

index b22496b417dd868d1cf82e5f5c7e41137f6935b9..a9c5a509c071f05852f9f3f5b5df5f1ca12e0e51 100644 (file)
@@ -1,3 +1,10 @@
+libyaml (0.1.6-3) UNRELEASED; urgency=high
+
+  * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion
+    failure caused by wrapped strings.  (Closes: #771366)
+
+ -- Anders Kaseorg <andersk@mit.edu>  Fri, 28 Nov 2014 21:14:24 -0500
+
 libyaml (0.1.6-2) unstable; urgency=medium
 
   * Move doxygen from Build-Depends to Build-Depends-Indep.
diff --git a/debian/patches/CVE-2014-9130.patch b/debian/patches/CVE-2014-9130.patch
new file mode 100644 (file)
index 0000000..0160618
--- /dev/null
@@ -0,0 +1,32 @@
+From: Kirill Simonov <xi@resolvent.net>
+Subject: Removed invalid simple key assertion (thank to Jonathan Gray).
+Origin: upstream, https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
+Bug: https://bitbucket.org/xi/libyaml/issue/10
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771366
+Last-Update: 2014-11-28
+
+---
+ src/scanner.c | 7 -------
+ 1 file changed, 7 deletions(-)
+
+diff --git a/src/scanner.c b/src/scanner.c
+index 88d4fa5..5ec0be0 100644
+--- a/src/scanner.c
++++ b/src/scanner.c
+@@ -1106,13 +1106,6 @@ yaml_parser_save_simple_key(yaml_parser_t *parser)
+             && parser->indent == (ptrdiff_t)parser->mark.column);
+     /*
+-     * A simple key is required only when it is the first token in the current
+-     * line.  Therefore it is always allowed.  But we add a check anyway.
+-     */
+-
+-    assert(parser->simple_key_allowed || !required);    /* Impossible. */
+-
+-    /*
+      * If the current position may start a simple key, save it.
+      */
+-- 
+2.2.0
+
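Review bot: The embedded src/scanner.c hunk deletes the assertion in yaml_parser_save_simple_key together with its explanatory comment, and leaves nothing to say that `required` can be true while `parser->simple_key_allowed` is false. The commit title attributes the failure to wrapped strings, so that state is apparently reachable from parsed input, and a short comment at the deletion site would stop the check from being reintroduced, for example `/* A required simple key may appear where simple keys are not allowed; this depends on the input, so it must not be asserted. */`. Builds compiled with NDEBUG never executed the assert, so after this patch every build takes the path those builds already took. Whether the code after the deletion handles a required key that is not allowed cannot be confirmed here, because the function body continues outside the hunk. A regression input that exercises the wrapped-string case from the linked bug reports would also be worth adding to the package's tests.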
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644 (file)
index 0000000..bd38a0a
--- /dev/null
@@ -0,0 +1 @@
+CVE-2014-9130.patch