-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 19 Feb 2023 17:05:00 +0100 Source: snakeyaml Architecture: source Version: 1.28-1+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Changes: snakeyaml (1.28-1+deb11u1) bullseye; urgency=medium . * Team upload. Fix CVE-2022-25857, CVE-2022-38749, CVE-2022-38750 and CVE-2022-38751. Several security vulnerabilities have been discovered in SnakeYaml, a YAML parser for Java, which could facilitate a denial of service attack whenever maliciously crafted input files are processed by SnakeYaml. Checksums-Sha1: b39656af327c3a3dea6f82e5da26bcaaa19a78a7 2580 snakeyaml_1.28-1+deb11u1.dsc d72d374ec0cb8c7f545c742d0bf70818d85560e9 13608 snakeyaml_1.28-1+deb11u1.debian.tar.xz 3bab66228c775de7b78d03ae2bb9cca36bbb779b 14598 snakeyaml_1.28-1+deb11u1_amd64.buildinfo Checksums-Sha256: edf8d0322cf5f6f486284457daaa4f3ba29e4bffd69d4df5a71d73f9ddf05e84 2580 snakeyaml_1.28-1+deb11u1.dsc 707e4f0b5bcd6f127948f11c7211283f42c173fc3b5f69e9a86c6ab2973d7e5a 13608 snakeyaml_1.28-1+deb11u1.debian.tar.xz 2f44c1904c62998c74c5a60b549492528e4acc9d593ede4f4748874e5b9e28de 14598 snakeyaml_1.28-1+deb11u1_amd64.buildinfo Files: 58e9f2faba98aee9edb4dbc7783e5aaa 2580 java optional snakeyaml_1.28-1+deb11u1.dsc 955e5399040fefd6ddd3f634ecd69804 13608 java optional snakeyaml_1.28-1+deb11u1.debian.tar.xz 17c7123b7b373e1b4065fad235197760 14598 java optional snakeyaml_1.28-1+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPyTCpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkDCwQAKWUpw4Ge6Osaji2PvMRbH4eStbgWe4B+IWD JZnUgUxIx9pe7w3vYc27KhGqVxfl1R0soKv6myBVqv1HvM/2FN3x3Z6ToztPRuF4 nk+pj+WYMm478NsgCHVnQ1tfiJK91B+mUQj8HL7mS3ClOwx2hqCM+9dDAbxyixaP iK4/ett9Q6TEvMPfpHnMo/XiEHo+NrBFlgdq5AaMDzDq1AlAV0no0UBvbRxrbjmP NINqq5Tua916s1OBC0muqBy2Wokxo/MgNyk/N8ENaAhSfR9aQnC8Yeam+4SW/U3w NdpoCd39KgOw63ERHgH6GYvJ+e+hftC3dz3R3rEm1M1mT1ediLByUuSlrHZf78qe aHfC8ugacw110dc/lM2OhWXHCUBjcctrIG13t0syxf7qMUsuYzPAk4m0Vvk7o1Uu NUtaLebu83wy81HlcxV2jEdA3gJ5l96kb51MSy5Dw2n14eLvldafr85LwY1q6ceo TFWqWt667xr+aN0StJbCPlCX5e3YWNr4vBDSrmL+vfl/dOWCY5U64e5K/tuqsate kMrc4tq3PJG2i14PNI8wWoyUbrgIcXb9RSAScdMf3XIb5w0OUz98/0VrSrfYEC3R /lOBovXYgnTp1I1Na3sQ7wl1YBiHMfITxDM8TGKtqgcPfYns/mEkt6v3Vnt212wY TZcv+BgV =cFUu -----END PGP SIGNATURE-----