Debian Package Tracker
Register | Log in
Subscribe

yaml-cpp

Choose email to subscribe with

general
  • source: yaml-cpp (main)
  • version: 0.7.0+dfsg-8
  • maintainer: Simon Quigley (DMD)
  • uploaders: Gianfranco Costamagna [DMD]
  • arch: any
  • std-ver: 4.6.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 0.5.2-4
  • oldstable: 0.6.2-4
  • stable: 0.6.3-9
  • testing: 0.7.0+dfsg-8
  • unstable: 0.7.0+dfsg-8
versioned links
  • 0.5.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.6.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.6.3-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.7.0+dfsg-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libyaml-cpp-dev
  • libyaml-cpp0.7
action needed
lintian reports 1 error high
Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.
Created: 2021-10-23 Last update: 2022-01-01 04:35
Multiarch hinter reports 1 issue(s) normal
There are issues with the multiarch metadata for this package.
  • libyaml-cpp-dev could be marked Multi-Arch: same
Created: 2020-05-09 Last update: 2022-05-26 23:40
6 low-priority security issues in buster low

There are 6 open security issues in buster.

6 issues left for the package maintainer to handle:
  • CVE-2017-5950: (needs triaging) The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
  • CVE-2019-6285: (needs triaging) The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
  • CVE-2019-6292: (needs triaging) An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.
  • CVE-2017-11692: (needs triaging) The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
  • CVE-2018-20573: (needs triaging) The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
  • CVE-2018-20574: (needs triaging) The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-12-05 06:30
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2014-07-02 Last update: 2021-11-11 21:07
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).
Created: 2022-05-11 Last update: 2022-05-11 23:24
news
[rss feed]
  • [2021-11-19] yaml-cpp 0.7.0+dfsg-8 MIGRATED to testing (Debian testing watch)
  • [2021-11-13] Accepted yaml-cpp 0.7.0+dfsg-8 (source) into unstable (Gianfranco Costamagna)
  • [2021-11-12] Accepted yaml-cpp 0.7.0+dfsg-7.1 (source) into unstable (Pino Toscano)
  • [2021-11-11] Accepted yaml-cpp 0.7.0+dfsg-7 (source) into unstable (Gianfranco Costamagna)
  • [2021-11-11] Accepted yaml-cpp 0.7.0+dfsg-6 (source) into unstable (Simon Quigley)
  • [2021-10-27] Accepted yaml-cpp 0.7.0+dfsg-5 (source) into experimental (Simon Quigley)
  • [2021-10-19] Accepted yaml-cpp 0.7.0+dfsg-4 (source) into experimental (Simon Quigley)
  • [2021-10-17] Accepted yaml-cpp 0.7.0+dfsg-3 (source) into experimental (Simon Quigley)
  • [2021-10-13] Accepted yaml-cpp 0.7.0+dfsg-2 (source) into experimental (Simon Quigley)
  • [2021-10-06] Accepted yaml-cpp 0.7.0+dfsg-1 (source amd64) into experimental, experimental (Debian FTP Masters) (signed by: Simon Quigley)
  • [2021-08-16] yaml-cpp 0.6.3-10 MIGRATED to testing (Debian testing watch)
  • [2021-04-21] Accepted yaml-cpp 0.6.3-10 (source) into unstable (Matthias Klose) (signed by: Gianfranco Costamagna)
  • [2020-06-03] yaml-cpp 0.6.3-9 MIGRATED to testing (Debian testing watch)
  • [2020-05-29] Accepted yaml-cpp 0.6.3-9 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-24] yaml-cpp 0.6.3-8 MIGRATED to testing (Debian testing watch)
  • [2020-05-19] Accepted yaml-cpp 0.6.3-8 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-19] yaml-cpp 0.6.3-7 MIGRATED to testing (Debian testing watch)
  • [2020-05-13] Accepted yaml-cpp 0.6.3-7 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-10] Accepted yaml-cpp 0.6.3-6 (source) into unstable (Simon Quigley)
  • [2020-05-09] Accepted yaml-cpp 0.6.3-5 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-08] Accepted yaml-cpp 0.6.3-4 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-08] Accepted yaml-cpp 0.6.3-2 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-08] Accepted yaml-cpp 0.6.3-1.2 (source) into unstable (Gianfranco Costamagna)
  • [2020-05-08] Accepted yaml-cpp 0.6.3-1.1 (source) into unstable (Gianfranco Costamagna)
  • [2020-04-30] Accepted yaml-cpp 0.6.3-1 (source) into unstable (Simon Quigley)
  • [2019-01-13] yaml-cpp 0.6.2-4 MIGRATED to testing (Debian testing watch)
  • [2019-01-07] Accepted yaml-cpp 0.6.2-4 (source) into unstable (Simon Quigley)
  • [2019-01-05] Accepted yaml-cpp 0.6.2-3 (source) into experimental (Simon Quigley)
  • [2018-12-24] Accepted yaml-cpp 0.6.2-2 (source) into experimental (Simon Quigley)
  • [2018-12-12] yaml-cpp 0.5.3-0.2 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian (1, 0)
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.7.0+dfsg-8build1

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing