-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 19 Aug 2014 00:03:53 -0400 Source: libyaml Binary: libyaml-0-2 libyaml-0-2-dbg libyaml-dev libyaml-doc Architecture: source all i386 Version: 0.1.6-1 Distribution: unstable Urgency: medium Maintainer: Anders Kaseorg <andersk@mit.edu> Changed-By: Anders Kaseorg <andersk@mit.edu> Description: libyaml-0-2 - Fast YAML 1.1 parser and emitter library libyaml-0-2-dbg - Fast YAML 1.1 parser and emitter library (debugging symbols) libyaml-dev - Fast YAML 1.1 parser and emitter library (development) libyaml-doc - Fast YAML 1.1 parser and emitter library (documentation) Closes: 696821 745078 Changes: libyaml (0.1.6-1) unstable; urgency=medium . * New upstream version 0.1.6. + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. + Fix CVE-2014-2525: heap-based buffer overflow in yaml_parser_scan_uri_escapes. * Drop upstreamed patches. * Run tests at build time. * Bump Standards-Version to 3.9.5 (no changes needed). * Use dh-autoreconf. (Closes: #745078) * Use dh-buildinfo. * Add libyaml-doc package for Doxygen-generated API documentation and examples. (Closes: #696821) * Acknowledge NMUs. Checksums-Sha1: c3bfd0ecf5be8e4350ff9f07439595ff612a125a 2044 libyaml_0.1.6-1.dsc f3d404e11bec3c4efcddfd14c42d46f1aabe0b5d 503012 libyaml_0.1.6.orig.tar.gz b6d8513d97f8eb27754f348cf7c60d58ab1cd2c6 3640 libyaml_0.1.6-1.debian.tar.xz 7389e2d2d6e954b27f56637033cf0ccdc13eba58 90682 libyaml-doc_0.1.6-1_all.deb b7b336dc1540deb588adc23080ae0726a8780593 51282 libyaml-0-2_0.1.6-1_i386.deb 856768791d30bad196fd9756de8586da0e401983 77054 libyaml-0-2-dbg_0.1.6-1_i386.deb 9070b5cc2cf8309884a2f550c2ad3c40ed66a446 59498 libyaml-dev_0.1.6-1_i386.deb Checksums-Sha256: 22942aa9296265863b911cdca2dfaec72ed8369eb9911519b3bc963fa83fe7f3 2044 libyaml_0.1.6-1.dsc 7da6971b4bd08a986dd2a61353bc422362bd0edcc67d7ebaac68c95f74182749 503012 libyaml_0.1.6.orig.tar.gz 7f89d920e81efd1c4e1c9e0cf4a1e4103f664c1eb51a743c8cad9f5acff356d3 3640 libyaml_0.1.6-1.debian.tar.xz 35e855a0ce29834b9169217281066c108cc20ca4631f86725745013dd22c0f29 90682 libyaml-doc_0.1.6-1_all.deb 660945715f24e4885c28d15b396197b3c28a4cf3adf8e70691d4f2740d9d7aa3 51282 libyaml-0-2_0.1.6-1_i386.deb fec82c74e0bf560c89c4a5a52c663ec71df66f835b23ca407e56c867b1617369 77054 libyaml-0-2-dbg_0.1.6-1_i386.deb 3411a40f63bff827cddbb3e444eb71e61f9bce614cc59a5331644ec288d73929 59498 libyaml-dev_0.1.6-1_i386.deb Files: d6489df7e9e457ba9e0ba07d1b3280a7 90682 doc optional libyaml-doc_0.1.6-1_all.deb 16ecf9a51081da0e65df6eda54b4e354 51282 libs optional libyaml-0-2_0.1.6-1_i386.deb 4a3a917148e5b92e09d10ffa909d0f26 77054 debug extra libyaml-0-2-dbg_0.1.6-1_i386.deb 749b978afd1e2f18094ece3fb97b8432 59498 libdevel optional libyaml-dev_0.1.6-1_i386.deb e204a12a2f7857e584ca6fd9793520fd 2044 libs optional libyaml_0.1.6-1.dsc 5fe00cda18ca5daeb43762b80c38e06e 503012 libs optional libyaml_0.1.6.orig.tar.gz 39591ae86fa3272dc8757fc24cac380b 3640 libs optional libyaml_0.1.6-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJT8udpAAoJEHjX3vua1Zrxi5UP/igvOTVbeegDZIsGnRYj6/+l qZNo5rZsrawwZLtTz9cWv++trGaz9MYZDnQtT8jFJy/Uy72XUJSOityTyq1V3SSH f8KPRsXiowOiVXvrAx7TqqroOusi9yNZt48RkR/1/XL0Qda6rnDECObzMIoeQShj Omm3uKNaynK1d3/Kt4QfDVu2F5MLJa/YsiiNQqAg6FLfXsSBPKpW6lZbvWCzrDvf e2ngj3memgHIhjblRpXg5PK7i/te1wNJUa6LK+xBI/hNKUgbHEo96dh9dwy/0llx 247nijD4H5LPf+gpg/R0dJXDbcQ9IBB2B1Z6Ikq5NtZrMLEgqqia3WJ6mSdS071i SZ1qozrcT4RV79y9HEZCf3vWR2paZMzVE/247SYvJ9XKHkp7elPjp3bJK1Ss0uSo mNgUuMvQFo+1vtLQdZxw0CvS6d44b4+8goVHp+ugc43TGNCRoD17u7tjaW8CVaEv kGm7FpR05QvqeJ34yxZRxM19jVZMgTNX+dAT6JhCh8wD86QIfGAjQ1+R6Zej8hcy OwnTwdE2G5jmQrW+wM0USRXQ1O5rj8QCaO9xOkIXfML7l8S7RK9rRvpEgVvwCXOg VCTjT1495c7+Ws6EmdLriKfyncRaC+toTRx9BimkaeqP6tbZAAgjDa6lFQWPypp2 ZmUEcuwlyvSPprPIU834 =/TRM -----END PGP SIGNATURE-----
