https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Bug ID: 1169369 Summary: CVE-2014-9130 libyaml: assert failure when processing wrapped strings Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: mprpic@redhat.com CC: abaron@redhat.com, aortega@redhat.com, apatters@redhat.com, apevec@redhat.com, ayoung@redhat.com, bhu@redhat.com, bkearney@redhat.com, bleanhar@redhat.com, cbillett@redhat.com, ccoleman@redhat.com, chrisw@redhat.com, cpelland@redhat.com, cperry@redhat.com, dajohnso@redhat.com, dallan@redhat.com, dclarizi@redhat.com, dmcphers@redhat.com, esammons@redhat.com, gkotton@redhat.com, gmccullo@redhat.com, iboverma@redhat.com, jdetiber@redhat.com, jeckersb@redhat.com, jhardy@redhat.com, jialiu@redhat.com, jkeck@redhat.com, jmatthew@redhat.com, joelsmith@redhat.com, jokerman@redhat.com, jorton@redhat.com, jplesnik@redhat.com, jprause@redhat.com, jrafanie@redhat.com, jross@redhat.com, jvlcek@redhat.com, katello-bugs@redhat.com, kseifried@redhat.com, lhh@redhat.com, lmeyer@redhat.com, lpeer@redhat.com, markmc@redhat.com, matt@redhat.com, mburns@redhat.com, mcressma@redhat.com, mmaslano@redhat.com, mmccomas@redhat.com, mmccune@redhat.com, mmcgrath@redhat.com, mmraka@redhat.com, mrg-program-list@redhat.com, obarenbo@redhat.com, paul@city-fan.org, perl-devel@lists.fedoraproject.org, pmyers@redhat.com, rbryant@redhat.com, rhos-maint@redhat.com, sclewis@redhat.com, taw@redhat.com, tjay@redhat.com, tomckay@redhat.com, tremble@tremble.org.uk, tsanders@redhat.com, williams@redhat.com, xlecauch@redhat.com, yeylon@redhat.com
An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.
This issue was reported upstream at [1]; a patch that fixes this issue is available at [2].
[1] https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failu... [2] https://github.com/yaml/libyaml/commit/e6aa721cc0e5a48f408c52355559fd36780ba...
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Martin Prpic mprpic@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1169371 Depends On| |1169372
--- Comment #1 from Martin Prpic mprpic@redhat.com ---
Created libyaml tracking bugs for this issue:
Affects: fedora-all [bug 1169371] Affects: epel-all [bug 1169372]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1169371 [Bug 1169371] CVE-2014-9130 libyaml: assert failure when processing wrapped strings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1169372 [Bug 1169372] CVE-2014-9130 libyaml: assert failure when processing wrapped strings [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Martin Prpic mprpic@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1169374
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jrusnack@redhat.com Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=new,rh |E-617,rhel-6/libyaml=defer, |el-7/libyaml=new,rhscl-1/ru |rhel-7/libyaml=defer,rhscl- |by193-libyaml=new,rhscl-1/l |1/ruby193-libyaml=defer,rhs |ibyaml=new,fedora-all/libya |cl-1/libyaml=defer,fedora-a |ml=affected,epel-all/libyam |ll/libyaml=affected,epel-al |l=affected,mrg-1/libyaml=ne |l/libyaml=affected,mrg-1/li |w,mrg-2/libyaml=new,rhn_sat |byaml=new,mrg-2/libyaml=new |ellite_5.3/libyaml=new,rhn_ |,rhn_satellite_5.3/libyaml= |satellite_5.4/libyaml=new,r |defer,rhn_satellite_5.4/lib |hn_satellite_5.5/libyaml=ne |yaml=defer,rhn_satellite_5. |w,rhn_satellite_5.6/libyaml |5/libyaml=defer,rhn_satelli |=new,rhn_satellite_6/libyam |te_5.6/libyaml=defer,rhn_sa |l=new,rhn_satellite_6/ruby1 |tellite_6/libyaml=defer,rhn |93-libyaml=new,rhui-2/libya |_satellite_6/ruby193-libyam |ml=new,sam-1/libyaml=new,cf |l=defer,rhui-2/libyaml=defe |me-5/mingw-libyaml=new,cfme |r,sam-1/libyaml=defer,cfme- |-5/ruby193-libyaml=new,open |5/mingw-libyaml=defer,cfme- |stack-3/libyaml=new,opensta |5/ruby193-libyaml=defer,ope |ck-3/ruby193-libyaml=new,op |nstack-3/libyaml=new,openst |enstack-4/libyaml=new,opens |ack-3/ruby193-libyaml=new,o |hift-enterprise-1/ruby193-l |penstack-4/libyaml=new,open |ibyaml=new,openshift-1/ruby |shift-enterprise-1/ruby193- |193-libyaml=new,fedora-all/ |libyaml=defer,openshift-1/r |perl-YAML-LibYAML=new,epel- |uby193-libyaml=defer,fedora |6/perl-YAML-LibYAML=new |-all/perl-YAML-LibYAML=new, | |epel-6/perl-YAML-LibYAML=ne | |w
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Tomas Hoger thoger@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/ruby193-libyaml=defer,rhs |1/libyaml=defer,fedora-all/ |cl-1/libyaml=defer,fedora-a |libyaml=affected,epel-all/l |ll/libyaml=affected,epel-al |ibyaml=affected,mrg-1/libya |l/libyaml=affected,mrg-1/li |ml=new,mrg-2/libyaml=new,rh |byaml=new,mrg-2/libyaml=new |n_satellite_5.3/libyaml=def |,rhn_satellite_5.3/libyaml= |er,rhn_satellite_5.4/libyam |defer,rhn_satellite_5.4/lib |l=defer,rhn_satellite_5.5/l |yaml=defer,rhn_satellite_5. |ibyaml=defer,rhn_satellite_ |5/libyaml=defer,rhn_satelli |5.6/libyaml=defer,rhn_satel |te_5.6/libyaml=defer,rhn_sa |lite_6/libyaml=defer,rhn_sa |tellite_6/libyaml=defer,rhn |tellite_6/ruby193-libyaml=d |_satellite_6/ruby193-libyam |efer,rhui-2/libyaml=defer,s |l=defer,rhui-2/libyaml=defe |am-1/libyaml=defer,cfme-5/m |r,sam-1/libyaml=defer,cfme- |ingw-libyaml=defer,cfme-5/r |5/mingw-libyaml=defer,cfme- |uby193-libyaml=defer,openst |5/ruby193-libyaml=defer,ope |ack-4/libyaml=new,openshift |nstack-3/libyaml=new,openst |-1/ruby193-libyaml=defer,fe |ack-3/ruby193-libyaml=new,o |dora-all/perl-YAML-LibYAML= |penstack-4/libyaml=new,open |new,epel-6/perl-YAML-LibYAM |shift-enterprise-1/ruby193- |L=new |libyaml=defer,openshift-1/r | |uby193-libyaml=defer,fedora | |-all/perl-YAML-LibYAML=new, | |epel-6/perl-YAML-LibYAML=ne | |w |
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/libyaml=defer,fedora-all/ |1/libyaml=defer,fedora-all/ |libyaml=affected,epel-all/l |libyaml=affected,epel-all/l |ibyaml=affected,mrg-1/libya |ibyaml=affected,mrg-1/libya |ml=new,mrg-2/libyaml=new,rh |ml=new,mrg-2/libyaml=new,rh |n_satellite_5.3/libyaml=def |n_satellite_5.3/libyaml=def |er,rhn_satellite_5.4/libyam |er,rhn_satellite_5.4/libyam |l=defer,rhn_satellite_5.5/l |l=defer,rhn_satellite_5.5/l |ibyaml=defer,rhn_satellite_ |ibyaml=defer,rhn_satellite_ |5.6/libyaml=defer,rhn_satel |5.6/libyaml=defer,rhn_satel |lite_6/libyaml=defer,rhn_sa |lite_6/libyaml=defer,rhn_sa |tellite_6/ruby193-libyaml=d |tellite_6/ruby193-libyaml=d |efer,rhui-2/libyaml=defer,s |efer,rhui-2/libyaml=defer,s |am-1/libyaml=defer,cfme-5/m |am-1/libyaml=defer,cfme-5/m |ingw-libyaml=defer,cfme-5/r |ingw-libyaml=defer,cfme-5/r |uby193-libyaml=defer,openst |uby193-libyaml=defer,openst |ack-4/libyaml=new,openshift |ack-4/libyaml=new,openshift |-1/ruby193-libyaml=defer,fe |-1/ruby193-libyaml=defer,fe |dora-all/perl-YAML-LibYAML= |dora-all/perl-YAML-LibYAML= |new,epel-6/perl-YAML-LibYAM |affected,epel-6/perl-YAML-L |L=new |ibYAML=new
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #4 from Ján Rusnačko jrusnack@redhat.com --- References:
https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failu... http://www.openwall.com/lists/oss-security/2014/11/28/1 https://github.com/yaml/libyaml/commit/e6aa721cc0e5a48f408c52355559fd36780ba...
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/libyaml=defer,fedora-all/ |1/libyaml=defer,fedora-all/ |libyaml=affected,epel-all/l |libyaml=affected,epel-all/l |ibyaml=affected,mrg-1/libya |ibyaml=affected,mrg-1/libya |ml=new,mrg-2/libyaml=new,rh |ml=new,mrg-2/libyaml=new,rh |n_satellite_5.3/libyaml=def |n_satellite_5.3/libyaml=def |er,rhn_satellite_5.4/libyam |er,rhn_satellite_5.4/libyam |l=defer,rhn_satellite_5.5/l |l=defer,rhn_satellite_5.5/l |ibyaml=defer,rhn_satellite_ |ibyaml=defer,rhn_satellite_ |5.6/libyaml=defer,rhn_satel |5.6/libyaml=defer,rhn_satel |lite_6/libyaml=defer,rhn_sa |lite_6/libyaml=defer,rhn_sa |tellite_6/ruby193-libyaml=d |tellite_6/ruby193-libyaml=d |efer,rhui-2/libyaml=defer,s |efer,rhui-2/libyaml=defer,s |am-1/libyaml=defer,cfme-5/m |am-1/libyaml=defer,cfme-5/m |ingw-libyaml=defer,cfme-5/r |ingw-libyaml=defer,cfme-5/r |uby193-libyaml=defer,openst |uby193-libyaml=defer,openst |ack-4/libyaml=new,openshift |ack-4/libyaml=new,openshift |-1/ruby193-libyaml=defer,fe |-1/ruby193-libyaml=defer,fe |dora-all/perl-YAML-LibYAML= |dora-all/perl-YAML-LibYAML= |affected,epel-6/perl-YAML-L |affected,epel-6/perl-YAML-L |ibYAML=new |ibYAML=affected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1169750 Depends On| |1169751
--- Comment #5 from Ján Rusnačko jrusnack@redhat.com ---
Created perl-YAML-LibYAML tracking bugs for this issue:
Affects: fedora-all [bug 1169750] Affects: epel-6 [bug 1169751]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1169750 [Bug 1169750] CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1169751 [Bug 1169751] CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/libyaml=defer,fedora-all/ |1/libyaml=defer,fedora-all/ |libyaml=affected,epel-all/l |libyaml=affected,epel-all/l |ibyaml=affected,mrg-1/libya |ibyaml=affected,mrg-1/libya |ml=new,mrg-2/libyaml=new,rh |ml=new,mrg-2/libyaml=new,rh |n_satellite_5.3/libyaml=def |n_satellite_5.3/libyaml=def |er,rhn_satellite_5.4/libyam |er,rhn_satellite_5.4/libyam |l=defer,rhn_satellite_5.5/l |l=defer,rhn_satellite_5.5/l |ibyaml=defer,rhn_satellite_ |ibyaml=defer,rhn_satellite_ |5.6/libyaml=defer,rhn_satel |5.6/libyaml=defer,rhn_satel |lite_6/libyaml=defer,rhn_sa |lite_6/libyaml=defer,rhn_sa |tellite_6/ruby193-libyaml=d |tellite_6/ruby193-libyaml=d |efer,rhui-2/libyaml=defer,s |efer,rhui-2/libyaml=defer,s |am-1/libyaml=defer,cfme-5/m |am-1/libyaml=defer,cfme-5/m |ingw-libyaml=defer,cfme-5/r |ingw-libyaml=defer,cfme-5/r |uby193-libyaml=defer,openst |uby193-libyaml=defer,openst |ack-4/libyaml=new,openshift |ack-4/libyaml=new,openstack |-1/ruby193-libyaml=defer,fe |-5/libyaml=new,openshift-1/ |dora-all/perl-YAML-LibYAML= |ruby193-libyaml=defer,fedor |affected,epel-6/perl-YAML-L |a-all/perl-YAML-LibYAML=aff |ibYAML=affected |ected,epel-6/perl-YAML-LibY | |AML=affected,epel-7/perl-YA | |ML-LibYAML=new
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/libyaml=defer,fedora-all/ |1/libyaml=defer,fedora-all/ |libyaml=affected,epel-all/l |libyaml=affected,epel-all/l |ibyaml=affected,mrg-1/libya |ibyaml=affected,mrg-1/libya |ml=new,mrg-2/libyaml=new,rh |ml=wontfix,mrg-2/libyaml=wo |n_satellite_5.3/libyaml=def |ntfix,rhn_satellite_5.3/lib |er,rhn_satellite_5.4/libyam |yaml=defer,rhn_satellite_5. |l=defer,rhn_satellite_5.5/l |4/libyaml=defer,rhn_satelli |ibyaml=defer,rhn_satellite_ |te_5.5/libyaml=defer,rhn_sa |5.6/libyaml=defer,rhn_satel |tellite_5.6/libyaml=defer,r |lite_6/libyaml=defer,rhn_sa |hn_satellite_6/libyaml=defe |tellite_6/ruby193-libyaml=d |r,rhn_satellite_6/ruby193-l |efer,rhui-2/libyaml=defer,s |ibyaml=defer,rhui-2/libyaml |am-1/libyaml=defer,cfme-5/m |=defer,sam-1/libyaml=defer, |ingw-libyaml=defer,cfme-5/r |cfme-5/mingw-libyaml=defer, |uby193-libyaml=defer,openst |cfme-5/ruby193-libyaml=defe |ack-4/libyaml=new,openstack |r,openstack-4/libyaml=new,o |-5/libyaml=new,openshift-1/ |penstack-5/libyaml=new,open |ruby193-libyaml=defer,fedor |shift-1/ruby193-libyaml=def |a-all/perl-YAML-LibYAML=aff |er,fedora-all/perl-YAML-Lib |ected,epel-6/perl-YAML-LibY |YAML=affected,epel-6/perl-Y |AML=affected,epel-7/perl-YA |AML-LibYAML=affected,epel-7 |ML-LibYAML=new |/perl-YAML-LibYAML=affected | |,jboss/inktank-1.2-libyaml= | |new
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1169801
--- Comment #6 from Ján Rusnačko jrusnack@redhat.com ---
Created perl-YAML-LibYAML tracking bugs for this issue:
Affects: epel-7 [bug 1169801]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1169801 [Bug 1169801] CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Wade Mealing wmealing@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/libyaml=defer,fedora-all/ |1/libyaml=defer,fedora-all/ |libyaml=affected,epel-all/l |libyaml=affected,epel-all/l |ibyaml=affected,mrg-1/libya |ibyaml=affected,mrg-1/libya |ml=wontfix,mrg-2/libyaml=wo |ml=wontfix,mrg-2/libyaml=wo |ntfix,rhn_satellite_5.3/lib |ntfix,rhn_satellite_5.3/lib |yaml=defer,rhn_satellite_5. |yaml=defer,rhn_satellite_5. |4/libyaml=defer,rhn_satelli |4/libyaml=defer,rhn_satelli |te_5.5/libyaml=defer,rhn_sa |te_5.5/libyaml=defer,rhn_sa |tellite_5.6/libyaml=defer,r |tellite_5.6/libyaml=defer,r |hn_satellite_6/libyaml=defe |hn_satellite_6/libyaml=defe |r,rhn_satellite_6/ruby193-l |r,rhn_satellite_6/ruby193-l |ibyaml=defer,rhui-2/libyaml |ibyaml=defer,rhui-2/libyaml |=defer,sam-1/libyaml=defer, |=defer,sam-1/libyaml=defer, |cfme-5/mingw-libyaml=defer, |cfme-5/mingw-libyaml=defer, |cfme-5/ruby193-libyaml=defe |cfme-5/ruby193-libyaml=defe |r,openstack-4/libyaml=new,o |r,openstack-4/libyaml=new,o |penstack-5/libyaml=new,open |penstack-5/libyaml=new,open |shift-1/ruby193-libyaml=def |shift-1/ruby193-libyaml=def |er,fedora-all/perl-YAML-Lib |er,fedora-all/perl-YAML-Lib |YAML=affected,epel-6/perl-Y |YAML=affected,epel-6/perl-Y |AML-LibYAML=affected,epel-7 |AML-LibYAML=affected,epel-7 |/perl-YAML-LibYAML=affected |/perl-YAML-LibYAML=affected |,jboss/inktank-1.2-libyaml= |,jboss/inktank-1.2-libyaml= |new |notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Kurt Seifried kseifried@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=defer, |rhel-7/libyaml=defer,rhscl- |rhel-7/libyaml=defer,rhscl- |1/libyaml=defer,fedora-all/ |1/libyaml=defer,fedora-all/ |libyaml=affected,epel-all/l |libyaml=affected,epel-all/l |ibyaml=affected,mrg-1/libya |ibyaml=affected,mrg-1/libya |ml=wontfix,mrg-2/libyaml=wo |ml=wontfix,mrg-2/libyaml=wo |ntfix,rhn_satellite_5.3/lib |ntfix,rhn_satellite_5.3/lib |yaml=defer,rhn_satellite_5. |yaml=defer,rhn_satellite_5. |4/libyaml=defer,rhn_satelli |4/libyaml=defer,rhn_satelli |te_5.5/libyaml=defer,rhn_sa |te_5.5/libyaml=defer,rhn_sa |tellite_5.6/libyaml=defer,r |tellite_5.6/libyaml=defer,r |hn_satellite_6/libyaml=defe |hn_satellite_6/libyaml=defe |r,rhn_satellite_6/ruby193-l |r,rhn_satellite_6/ruby193-l |ibyaml=defer,rhui-2/libyaml |ibyaml=defer,rhui-2/libyaml |=defer,sam-1/libyaml=defer, |=affected,sam-1/libyaml=def |cfme-5/mingw-libyaml=defer, |er,cfme-5/mingw-libyaml=def |cfme-5/ruby193-libyaml=defe |er,cfme-5/ruby193-libyaml=d |r,openstack-4/libyaml=new,o |efer,openstack-4/libyaml=ne |penstack-5/libyaml=new,open |w,openstack-5/libyaml=new,o |shift-1/ruby193-libyaml=def |penshift-1/ruby193-libyaml= |er,fedora-all/perl-YAML-Lib |defer,fedora-all/perl-YAML- |YAML=affected,epel-6/perl-Y |LibYAML=affected,epel-6/per |AML-LibYAML=affected,epel-7 |l-YAML-LibYAML=affected,epe |/perl-YAML-LibYAML=affected |l-7/perl-YAML-LibYAML=affec |,jboss/inktank-1.2-libyaml= |ted,jboss/inktank-1.2-libya |notaffected |ml=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Kurt Seifried kseifried@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1171245
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=defer, |E-617,rhel-6/libyaml=affect |rhel-7/libyaml=defer,rhscl- |ed,rhel-7/libyaml=affected, |1/libyaml=defer,fedora-all/ |rhscl-1/libyaml=defer,fedor |libyaml=affected,epel-all/l |a-all/libyaml=affected,epel |ibyaml=affected,mrg-1/libya |-all/libyaml=affected,mrg-1 |ml=wontfix,mrg-2/libyaml=wo |/libyaml=wontfix,mrg-2/liby |ntfix,rhn_satellite_5.3/lib |aml=wontfix,rhn_satellite_5 |yaml=defer,rhn_satellite_5. |.3/libyaml=defer,rhn_satell |4/libyaml=defer,rhn_satelli |ite_5.4/libyaml=defer,rhn_s |te_5.5/libyaml=defer,rhn_sa |atellite_5.5/libyaml=defer, |tellite_5.6/libyaml=defer,r |rhn_satellite_5.6/libyaml=d |hn_satellite_6/libyaml=defe |efer,rhn_satellite_6/libyam |r,rhn_satellite_6/ruby193-l |l=defer,rhn_satellite_6/rub |ibyaml=defer,rhui-2/libyaml |y193-libyaml=defer,rhui-2/l |=affected,sam-1/libyaml=def |ibyaml=affected,sam-1/libya |er,cfme-5/mingw-libyaml=def |ml=defer,cfme-5/mingw-libya |er,cfme-5/ruby193-libyaml=d |ml=defer,cfme-5/ruby193-lib |efer,openstack-4/libyaml=ne |yaml=defer,openstack-4/liby |w,openstack-5/libyaml=new,o |aml=new,openstack-5/libyaml |penshift-1/ruby193-libyaml= |=new,openshift-1/ruby193-li |defer,fedora-all/perl-YAML- |byaml=defer,fedora-all/perl |LibYAML=affected,epel-6/per |-YAML-LibYAML=affected,epel |l-YAML-LibYAML=affected,epe |-6/perl-YAML-LibYAML=affect |l-7/perl-YAML-LibYAML=affec |ed,epel-7/perl-YAML-LibYAML |ted,jboss/inktank-1.2-libya |=affected,jboss/inktank-1.2 |ml=notaffected |-libyaml=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1172344 Depends On| |1172345 Depends On| |1172346 Depends On| |1172347
https://bugzilla.redhat.com/show_bug.cgi?id=1169369 Bug 1169369 depends on bug 1169750, which changed state.
Bug 1169750 Summary: CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1169750
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #10 from Fedora Update System updates@fedoraproject.org --- perl-YAML-LibYAML-0.54-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #11 from Fedora Update System updates@fedoraproject.org --- perl-YAML-LibYAML-0.54-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369 Bug 1169369 depends on bug 1169371, which changed state.
Bug 1169371 Summary: CVE-2014-9130 libyaml: assert failure when processing wrapped strings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1169371
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #12 from Fedora Update System updates@fedoraproject.org --- libyaml-0.1.6-6.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #13 from Fedora Update System updates@fedoraproject.org --- libyaml-0.1.6-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #14 from Fedora Update System updates@fedoraproject.org --- perl-YAML-LibYAML-0.54-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #15 from Fedora Update System updates@fedoraproject.org --- libyaml-0.1.6-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369 Bug 1169369 depends on bug 1169372, which changed state.
Bug 1169372 Summary: CVE-2014-9130 libyaml: assert failure when processing wrapped strings [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1169372
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #16 from Fedora Update System updates@fedoraproject.org --- libyaml-0.1.2-8.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369 Bug 1169369 depends on bug 1169801, which changed state.
Bug 1169801 Summary: CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1169801
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #17 from Fedora Update System updates@fedoraproject.org --- perl-YAML-LibYAML-0.54-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369 Bug 1169369 depends on bug 1169751, which changed state.
Bug 1169751 Summary: CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1169751
What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #18 from Fedora Update System updates@fedoraproject.org --- perl-YAML-LibYAML-0.38-5.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=affect |E-617,rhel-6/libyaml=affect |ed,rhel-7/libyaml=affected, |ed,rhel-7/libyaml=affected, |rhscl-1/libyaml=defer,fedor |rhscl-1/libyaml=affected,fe |a-all/libyaml=affected,epel |dora-all/libyaml=affected,e |-all/libyaml=affected,mrg-1 |pel-all/libyaml=affected,mr |/libyaml=wontfix,mrg-2/liby |g-1/libyaml=wontfix,mrg-2/l |aml=wontfix,rhn_satellite_5 |ibyaml=wontfix,rhn_satellit |.3/libyaml=defer,rhn_satell |e_5.3/libyaml=defer,rhn_sat |ite_5.4/libyaml=defer,rhn_s |ellite_5.4/libyaml=defer,rh |atellite_5.5/libyaml=defer, |n_satellite_5.5/libyaml=def |rhn_satellite_5.6/libyaml=d |er,rhn_satellite_5.6/libyam |efer,rhn_satellite_6/libyam |l=defer,rhn_satellite_6/lib |l=defer,rhn_satellite_6/rub |yaml=defer,rhn_satellite_6/ |y193-libyaml=defer,rhui-2/l |ruby193-libyaml=defer,rhui- |ibyaml=affected,sam-1/libya |2/libyaml=affected,sam-1/li |ml=defer,cfme-5/mingw-libya |byaml=defer,cfme-5/mingw-li |ml=defer,cfme-5/ruby193-lib |byaml=defer,cfme-5/ruby193- |yaml=defer,openstack-4/liby |libyaml=defer,openstack-4/l |aml=new,openstack-5/libyaml |ibyaml=new,openstack-5/liby |=new,openshift-1/ruby193-li |aml=new,openshift-1/ruby193 |byaml=defer,fedora-all/perl |-libyaml=defer,fedora-all/p |-YAML-LibYAML=affected,epel |erl-YAML-LibYAML=affected,e |-6/perl-YAML-LibYAML=affect |pel-6/perl-YAML-LibYAML=aff |ed,epel-7/perl-YAML-LibYAML |ected,epel-7/perl-YAML-LibY |=affected,jboss/inktank-1.2 |AML=affected,jboss/inktank- |-libyaml=notaffected |1.2-libyaml=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1182257 Depends On| |1182258
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Doc Text *updated* by Martin Prpic mprpic@redhat.com --- An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Garth Mollett gmollett@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |gmollett@redhat.com Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=affect |E-617,rhel-6/libyaml=affect |ed,rhel-7/libyaml=affected, |ed,rhel-7/libyaml=affected, |rhscl-1/libyaml=affected,fe |rhscl-1/libyaml=affected,fe |dora-all/libyaml=affected,e |dora-all/libyaml=affected,e |pel-all/libyaml=affected,mr |pel-all/libyaml=affected,mr |g-1/libyaml=wontfix,mrg-2/l |g-1/libyaml=wontfix,mrg-2/l |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit |e_5.3/libyaml=defer,rhn_sat |e_5.3/libyaml=defer,rhn_sat |ellite_5.4/libyaml=defer,rh |ellite_5.4/libyaml=defer,rh |n_satellite_5.5/libyaml=def |n_satellite_5.5/libyaml=def |er,rhn_satellite_5.6/libyam |er,rhn_satellite_5.6/libyam |l=defer,rhn_satellite_6/lib |l=defer,rhn_satellite_6/lib |yaml=defer,rhn_satellite_6/ |yaml=defer,rhn_satellite_6/ |ruby193-libyaml=defer,rhui- |ruby193-libyaml=defer,rhui- |2/libyaml=affected,sam-1/li |2/libyaml=affected,sam-1/li |byaml=defer,cfme-5/mingw-li |byaml=defer,cfme-5/mingw-li |byaml=defer,cfme-5/ruby193- |byaml=defer,cfme-5/ruby193- |libyaml=defer,openstack-4/l |libyaml=defer,openstack-4/l |ibyaml=new,openstack-5/liby |ibyaml=affected,openstack-5 |aml=new,openshift-1/ruby193 |/libyaml=affected,openshift |-libyaml=defer,fedora-all/p |-1/ruby193-libyaml=defer,fe |erl-YAML-LibYAML=affected,e |dora-all/perl-YAML-LibYAML= |pel-6/perl-YAML-LibYAML=aff |affected,epel-6/perl-YAML-L |ected,epel-7/perl-YAML-LibY |ibYAML=affected,epel-7/perl |AML=affected,jboss/inktank- |-YAML-LibYAML=affected,jbos |1.2-libyaml=notaffected |s/inktank-1.2-libyaml=notaf | |fected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Garth Mollett gmollett@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1184701 Depends On| |1184702 Depends On| |1184703
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Garth Mollett gmollett@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=affect |E-617,rhel-6/libyaml=affect |ed,rhel-7/libyaml=affected, |ed,rhel-7/libyaml=affected, |rhscl-1/libyaml=affected,fe |rhscl-1/libyaml=affected,fe |dora-all/libyaml=affected,e |dora-all/libyaml=affected,e |pel-all/libyaml=affected,mr |pel-all/libyaml=affected,mr |g-1/libyaml=wontfix,mrg-2/l |g-1/libyaml=wontfix,mrg-2/l |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit |e_5.3/libyaml=defer,rhn_sat |e_5.3/libyaml=defer,rhn_sat |ellite_5.4/libyaml=defer,rh |ellite_5.4/libyaml=defer,rh |n_satellite_5.5/libyaml=def |n_satellite_5.5/libyaml=def |er,rhn_satellite_5.6/libyam |er,rhn_satellite_5.6/libyam |l=defer,rhn_satellite_6/lib |l=defer,rhn_satellite_6/lib |yaml=defer,rhn_satellite_6/ |yaml=defer,rhn_satellite_6/ |ruby193-libyaml=defer,rhui- |ruby193-libyaml=defer,rhui- |2/libyaml=affected,sam-1/li |2/libyaml=affected,sam-1/li |byaml=defer,cfme-5/mingw-li |byaml=defer,cfme-5/mingw-li |byaml=defer,cfme-5/ruby193- |byaml=defer,cfme-5/ruby193- |libyaml=defer,openstack-4/l |libyaml=defer,openstack-4/l |ibyaml=affected,openstack-5 |ibyaml=affected,openstack-5 |/libyaml=affected,openshift |-rhel6/libyaml=affected,ope |-1/ruby193-libyaml=defer,fe |nshift-1/ruby193-libyaml=de |dora-all/perl-YAML-LibYAML= |fer,fedora-all/perl-YAML-Li |affected,epel-6/perl-YAML-L |bYAML=affected,epel-6/perl- |ibYAML=affected,epel-7/perl |YAML-LibYAML=affected,epel- |-YAML-LibYAML=affected,jbos |7/perl-YAML-LibYAML=affecte |s/inktank-1.2-libyaml=notaf |d,jboss/inktank-1.2-libyaml |fected |=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #21 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6
Via RHSA-2015:0100 https://rhn.redhat.com/errata/RHSA-2015-0100.html
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #22 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections 1 for Red Hat Enterprise Linux 6
Via RHSA-2015:0112 https://rhn.redhat.com/errata/RHSA-2015-0112.html
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
--- Comment #23 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
OpenStack 5 for RHEL 6 OpenStack 4 for RHEL 6
Via RHSA-2015:0260 https://rhn.redhat.com/errata/RHSA-2015-0260.html
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Tomas Hoger thoger@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-sec,cvss2=4.3/AV:N/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |C:M/Au:N/C:N/I:N/A:P,cwe=CW |E-617,rhel-6/libyaml=affect |E-617,rhel-6/libyaml=affect |ed,rhel-7/libyaml=affected, |ed,rhel-7/libyaml=affected, |rhscl-1/libyaml=affected,fe |rhscl-1/libyaml=affected,fe |dora-all/libyaml=affected,e |dora-all/libyaml=affected,e |pel-all/libyaml=affected,mr |pel-all/libyaml=affected,mr |g-1/libyaml=wontfix,mrg-2/l |g-1/libyaml=wontfix,mrg-2/l |ibyaml=wontfix,rhn_satellit |ibyaml=wontfix,rhn_satellit |e_5.3/libyaml=defer,rhn_sat |e_5.3/libyaml=wontfix,rhn_s |ellite_5.4/libyaml=defer,rh |atellite_5.4/libyaml=wontfi |n_satellite_5.5/libyaml=def |x,rhn_satellite_5.5/libyaml |er,rhn_satellite_5.6/libyam |=wontfix,rhn_satellite_5.6/ |l=defer,rhn_satellite_6/lib |libyaml=defer,rhn_satellite |yaml=defer,rhn_satellite_6/ |_5.7/libyaml=defer,rhn_sate |ruby193-libyaml=defer,rhui- |llite_6/libyaml=defer,rhn_s |2/libyaml=affected,sam-1/li |atellite_6/ruby193-libyaml= |byaml=defer,cfme-5/mingw-li |defer,rhui-2/libyaml=affect |byaml=defer,cfme-5/ruby193- |ed,sam-1/libyaml=defer,cfme |libyaml=defer,openstack-4/l |-5/mingw-libyaml=defer,cfme |ibyaml=affected,openstack-5 |-5/ruby193-libyaml=defer,op |-rhel6/libyaml=affected,ope |enstack-4/libyaml=affected, |nshift-1/ruby193-libyaml=de |openstack-5-rhel6/libyaml=a |fer,fedora-all/perl-YAML-Li |ffected,openshift-1/ruby193 |bYAML=affected,epel-6/perl- |-libyaml=defer,fedora-all/p |YAML-LibYAML=affected,epel- |erl-YAML-LibYAML=affected,e |7/perl-YAML-LibYAML=affecte |pel-6/perl-YAML-LibYAML=aff |d,jboss/inktank-1.2-libyaml |ected,epel-7/perl-YAML-LibY |=notaffected |AML=affected,jboss/inktank- | |1.2-libyaml=notaffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-sec,cvss2=4.3/AV:N/A |ce=oss-security,cvss2=4.3/A |C:M/Au:N/C:N/I:N/A:P,cwe=CW |V:N/AC:M/Au:N/C:N/I:N/A:P,c |E-617,rhel-6/libyaml=affect |we=CWE-617,rhel-6/libyaml=a |ed,rhel-7/libyaml=affected, |ffected,rhel-7/libyaml=affe |rhscl-1/libyaml=affected,fe |cted,rhscl-1/libyaml=affect |dora-all/libyaml=affected,e |ed,fedora-all/libyaml=affec |pel-all/libyaml=affected,mr |ted,epel-all/libyaml=affect |g-1/libyaml=wontfix,mrg-2/l |ed,mrg-1/libyaml=wontfix,mr |ibyaml=wontfix,rhn_satellit |g-2/libyaml=wontfix,rhn_sat |e_5.3/libyaml=wontfix,rhn_s |ellite_5.3/libyaml=wontfix, |atellite_5.4/libyaml=wontfi |rhn_satellite_5.4/libyaml=w |x,rhn_satellite_5.5/libyaml |ontfix,rhn_satellite_5.5/li |=wontfix,rhn_satellite_5.6/ |byaml=wontfix,rhn_satellite |libyaml=defer,rhn_satellite |_5.6/libyaml=defer,rhn_sate |_5.7/libyaml=defer,rhn_sate |llite_5.7/libyaml=defer,rhn |llite_6/libyaml=defer,rhn_s |_satellite_6/libyaml=defer, |atellite_6/ruby193-libyaml= |rhn_satellite_6/ruby193-lib |defer,rhui-2/libyaml=affect |yaml=defer,rhui-2/libyaml=a |ed,sam-1/libyaml=defer,cfme |ffected,sam-1/libyaml=defer |-5/mingw-libyaml=defer,cfme |,cfme-5/mingw-libyaml=defer |-5/ruby193-libyaml=defer,op |,cfme-5/ruby193-libyaml=def |enstack-4/libyaml=affected, |er,openstack-4/libyaml=affe |openstack-5-rhel6/libyaml=a |cted,openstack-5-rhel6/liby |ffected,openshift-1/ruby193 |aml=affected,openshift-1/ru |-libyaml=defer,fedora-all/p |by193-libyaml=defer,fedora- |erl-YAML-LibYAML=affected,e |all/perl-YAML-LibYAML=affec |pel-6/perl-YAML-LibYAML=aff |ted,epel-6/perl-YAML-LibYAM |ected,epel-7/perl-YAML-LibY |L=affected,epel-7/perl-YAML |AML=affected,jboss/inktank- |-LibYAML=affected,jboss/ink |1.2-libyaml=notaffected |tank-1.2-libyaml=notaffecte | |d
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-security,cvss2=4.3/A |ce=oss-security,cvss2=4.3/A |V:N/AC:M/Au:N/C:N/I:N/A:P,c |V:N/AC:M/Au:N/C:N/I:N/A:P,c |we=CWE-617,rhel-6/libyaml=a |we=CWE-617,rhel-6/libyaml=a |ffected,rhel-7/libyaml=affe |ffected,rhel-7/libyaml=nota |cted,rhscl-1/libyaml=affect |ffected,rhscl-1/libyaml=aff |ed,fedora-all/libyaml=affec |ected,fedora-all/libyaml=af |ted,epel-all/libyaml=affect |fected,epel-all/libyaml=aff |ed,mrg-1/libyaml=wontfix,mr |ected,mrg-1/libyaml=wontfix |g-2/libyaml=wontfix,rhn_sat |,mrg-2/libyaml=wontfix,rhn_ |ellite_5.3/libyaml=wontfix, |satellite_5.3/libyaml=wontf |rhn_satellite_5.4/libyaml=w |ix,rhn_satellite_5.4/libyam |ontfix,rhn_satellite_5.5/li |l=wontfix,rhn_satellite_5.5 |byaml=wontfix,rhn_satellite |/libyaml=wontfix,rhn_satell |_5.6/libyaml=defer,rhn_sate |ite_5.6/libyaml=defer,rhn_s |llite_5.7/libyaml=defer,rhn |atellite_5.7/libyaml=defer, |_satellite_6/libyaml=defer, |rhn_satellite_6/libyaml=def |rhn_satellite_6/ruby193-lib |er,rhn_satellite_6/ruby193- |yaml=defer,rhui-2/libyaml=a |libyaml=defer,rhui-2/libyam |ffected,sam-1/libyaml=defer |l=affected,sam-1/libyaml=de |,cfme-5/mingw-libyaml=defer |fer,cfme-5/mingw-libyaml=de |,cfme-5/ruby193-libyaml=def |fer,cfme-5/ruby193-libyaml= |er,openstack-4/libyaml=affe |defer,openstack-4/libyaml=a |cted,openstack-5-rhel6/liby |ffected,openstack-5-rhel6/l |aml=affected,openshift-1/ru |ibyaml=affected,openshift-1 |by193-libyaml=defer,fedora- |/ruby193-libyaml=defer,fedo |all/perl-YAML-LibYAML=affec |ra-all/perl-YAML-LibYAML=af |ted,epel-6/perl-YAML-LibYAM |fected,epel-6/perl-YAML-Lib |L=affected,epel-7/perl-YAML |YAML=affected,epel-7/perl-Y |-LibYAML=affected,jboss/ink |AML-LibYAML=affected,jboss/ |tank-1.2-libyaml=notaffecte |inktank-1.2-libyaml=notaffe |d |cted
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Vincent Danen vdanen@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-security,cvss2=4.3/A |ce=oss-security,cvss2=4.3/A |V:N/AC:M/Au:N/C:N/I:N/A:P,c |V:N/AC:M/Au:N/C:N/I:N/A:P,c |we=CWE-617,rhel-6/libyaml=a |we=CWE-617,rhel-6/libyaml=n |ffected,rhel-7/libyaml=nota |otaffected,rhel-7/libyaml=n |ffected,rhscl-1/libyaml=aff |otaffected,rhscl-1/libyaml= |ected,fedora-all/libyaml=af |affected,fedora-all/libyaml |fected,epel-all/libyaml=aff |=affected,epel-all/libyaml= |ected,mrg-1/libyaml=wontfix |affected,mrg-1/libyaml=wont |,mrg-2/libyaml=wontfix,rhn_ |fix,mrg-2/libyaml=wontfix,r |satellite_5.3/libyaml=wontf |hn_satellite_5.3/libyaml=wo |ix,rhn_satellite_5.4/libyam |ntfix,rhn_satellite_5.4/lib |l=wontfix,rhn_satellite_5.5 |yaml=wontfix,rhn_satellite_ |/libyaml=wontfix,rhn_satell |5.5/libyaml=wontfix,rhn_sat |ite_5.6/libyaml=defer,rhn_s |ellite_5.6/libyaml=defer,rh |atellite_5.7/libyaml=defer, |n_satellite_5.7/libyaml=def |rhn_satellite_6/libyaml=def |er,rhn_satellite_6/libyaml= |er,rhn_satellite_6/ruby193- |defer,rhn_satellite_6/ruby1 |libyaml=defer,rhui-2/libyam |93-libyaml=defer,rhui-2/lib |l=affected,sam-1/libyaml=de |yaml=affected,sam-1/libyaml |fer,cfme-5/mingw-libyaml=de |=defer,cfme-5/mingw-libyaml |fer,cfme-5/ruby193-libyaml= |=defer,cfme-5/ruby193-libya |defer,openstack-4/libyaml=a |ml=defer,openstack-4/libyam |ffected,openstack-5-rhel6/l |l=affected,openstack-5-rhel |ibyaml=affected,openshift-1 |6/libyaml=affected,openshif |/ruby193-libyaml=defer,fedo |t-1/ruby193-libyaml=defer,f |ra-all/perl-YAML-LibYAML=af |edora-all/perl-YAML-LibYAML |fected,epel-6/perl-YAML-Lib |=affected,epel-6/perl-YAML- |YAML=affected,epel-7/perl-Y |LibYAML=affected,epel-7/per |AML-LibYAML=affected,jboss/ |l-YAML-LibYAML=affected,jbo |inktank-1.2-libyaml=notaffe |ss/inktank-1.2-libyaml=nota |cted |ffected
https://bugzilla.redhat.com/show_bug.cgi?id=1169369
Ján Rusnačko jrusnack@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=moderate,public=2014 |impact=moderate,public=2014 |1126,reported=20141201,sour |1126,reported=20141201,sour |ce=oss-security,cvss2=4.3/A |ce=oss-security,cvss2=4.3/A |V:N/AC:M/Au:N/C:N/I:N/A:P,c |V:N/AC:M/Au:N/C:N/I:N/A:P,c |we=CWE-617,rhel-6/libyaml=n |we=CWE-617,rhel-6/libyaml=a |otaffected,rhel-7/libyaml=n |ffected,rhel-7/libyaml=affe |otaffected,rhscl-1/libyaml= |cted,rhscl-1/libyaml=affect |affected,fedora-all/libyaml |ed,fedora-all/libyaml=affec |=affected,epel-all/libyaml= |ted,epel-all/libyaml=affect |affected,mrg-1/libyaml=wont |ed,mrg-1/libyaml=wontfix,mr |fix,mrg-2/libyaml=wontfix,r |g-2/libyaml=wontfix,rhn_sat |hn_satellite_5.3/libyaml=wo |ellite_5.3/libyaml=wontfix, |ntfix,rhn_satellite_5.4/lib |rhn_satellite_5.4/libyaml=w |yaml=wontfix,rhn_satellite_ |ontfix,rhn_satellite_5.5/li |5.5/libyaml=wontfix,rhn_sat |byaml=wontfix,rhn_satellite |ellite_5.6/libyaml=defer,rh |_5.6/libyaml=defer,rhn_sate |n_satellite_5.7/libyaml=def |llite_5.7/libyaml=defer,rhn |er,rhn_satellite_6/libyaml= |_satellite_6/libyaml=defer, |defer,rhn_satellite_6/ruby1 |rhn_satellite_6/ruby193-lib |93-libyaml=defer,rhui-2/lib |yaml=defer,rhui-2/libyaml=a |yaml=affected,sam-1/libyaml |ffected,sam-1/libyaml=defer |=defer,cfme-5/mingw-libyaml |,cfme-5/mingw-libyaml=defer |=defer,cfme-5/ruby193-libya |,cfme-5/ruby193-libyaml=def |ml=defer,openstack-4/libyam |er,openstack-4/libyaml=affe |l=affected,openstack-5-rhel |cted,openstack-5-rhel6/liby |6/libyaml=affected,openshif |aml=affected,openshift-1/ru |t-1/ruby193-libyaml=defer,f |by193-libyaml=defer,fedora- |edora-all/perl-YAML-LibYAML |all/perl-YAML-LibYAML=affec |=affected,epel-6/perl-YAML- |ted,epel-6/perl-YAML-LibYAM |LibYAML=affected,epel-7/per |L=affected,epel-7/perl-YAML |l-YAML-LibYAML=affected,jbo |-LibYAML=affected,jboss/ink |ss/inktank-1.2-libyaml=nota |tank-1.2-libyaml=notaffecte |ffected |d
perl-devel@lists.fedoraproject.org