Register | Log in

yaml-cpp

Choose email to subscribe with

general

source: yaml-cpp (main)
version: 0.6.3-9
maintainer: Simon Quigley (DMD)
uploaders: Gianfranco Costamagna [DMD]
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.5.1-1
oldstable: 0.5.2-4
stable: 0.6.2-4
testing: 0.6.3-8
unstable: 0.6.3-9

versioned links

0.5.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.5.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.3-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.3-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libyaml-cpp-dev
libyaml-cpp0.6

action needed

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

libyaml-cpp-dev could be marked Multi-Arch: same

Created: 2020-05-09 Last update: 2020-05-31 18:31

6 ignored security issues in buster low

There are 6 open security issues in buster.

6 issues skipped by the security teams:

CVE-2018-20574: The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20573: The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2017-11692: The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
CVE-2017-5950: The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6292: An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.
CVE-2019-6285: The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

Please fix them.

Created: 2017-06-18 Last update: 2020-05-29 18:00

6 ignored security issues in jessie low

There are 6 open security issues in jessie.

6 issues skipped by the security teams:

CVE-2018-20574: The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20573: The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2017-11692: The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
CVE-2017-5950: The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6292: An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.
CVE-2019-6285: The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

Please fix them.

Created: 2017-04-03 Last update: 2020-05-29 18:00

6 ignored security issues in stretch low

There are 6 open security issues in stretch.

6 issues skipped by the security teams:

CVE-2018-20574: The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20573: The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2017-11692: The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
CVE-2017-5950: The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6292: An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.
CVE-2019-6285: The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

Please fix them.

Created: 2017-04-03 Last update: 2020-05-29 18:00

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2014-07-02 Last update: 2020-05-19 20:02

testing migrations

excuses:
- Migration status for yaml-cpp (0.6.3-8 to 0.6.3-9): Waiting for test results, another package or too young (no action required now - check later)
- Issues preventing migration:
- Too young, only 3 of 5 days old
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/y/yaml-cpp.html
- Not considered

news

[2020-05-29] Accepted yaml-cpp 0.6.3-9 (source) into unstable (Gianfranco Costamagna)
[2020-05-24] yaml-cpp 0.6.3-8 MIGRATED to testing (Debian testing watch)
[2020-05-19] Accepted yaml-cpp 0.6.3-8 (source) into unstable (Gianfranco Costamagna)
[2020-05-19] yaml-cpp 0.6.3-7 MIGRATED to testing (Debian testing watch)
[2020-05-13] Accepted yaml-cpp 0.6.3-7 (source) into unstable (Gianfranco Costamagna)
[2020-05-10] Accepted yaml-cpp 0.6.3-6 (source) into unstable (Simon Quigley)
[2020-05-09] Accepted yaml-cpp 0.6.3-5 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-4 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-2 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-1.2 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-1.1 (source) into unstable (Gianfranco Costamagna)
[2020-04-30] Accepted yaml-cpp 0.6.3-1 (source) into unstable (Simon Quigley)
[2019-01-13] yaml-cpp 0.6.2-4 MIGRATED to testing (Debian testing watch)
[2019-01-07] Accepted yaml-cpp 0.6.2-4 (source) into unstable (Simon Quigley)
[2019-01-05] Accepted yaml-cpp 0.6.2-3 (source) into experimental (Simon Quigley)
[2018-12-24] Accepted yaml-cpp 0.6.2-2 (source) into experimental (Simon Quigley)
[2018-12-12] yaml-cpp 0.5.3-0.2 MIGRATED to testing (Debian testing watch)
[2018-12-03] Accepted yaml-cpp 0.6.2-1 (source amd64) into experimental, experimental (Simon Quigley)
[2018-11-23] Accepted yaml-cpp 0.5.3-0.2 (source amd64) into unstable, unstable (Julian Andres Klode)
[2018-11-19] Accepted yaml-cpp 0.5.3-0.1 (source) into unstable (Boyuan Yang)
[2018-11-19] Accepted yaml-cpp 0.5.2-4.1 (source) into unstable (Boyuan Yang)
[2016-10-18] yaml-cpp 0.5.2-4 MIGRATED to testing (Debian testing watch)
[2016-10-13] Accepted yaml-cpp 0.5.2-4 (source amd64) into unstable (Paul Novotny)
[2016-07-08] yaml-cpp 0.5.2-3.1 MIGRATED to testing (Debian testing watch)
[2016-07-02] Accepted yaml-cpp 0.5.2-3.1 (source) into unstable (Christian Hofstaedtler)
[2015-12-06] yaml-cpp 0.5.2-3 MIGRATED to testing (Debian testing watch)
[2015-12-01] Accepted yaml-cpp 0.5.2-3 (source amd64) into unstable (Paul Novotny)
[2015-09-10] yaml-cpp 0.5.2-2 MIGRATED to testing (Britney)
[2015-09-04] Accepted yaml-cpp 0.5.2-2 (amd64 source) into unstable, unstable (Paul Novotny) (signed by: Simon McVittie)
[2015-05-02] yaml-cpp 0.5.2-1 MIGRATED to testing (Britney)

1
2

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.6.3-9

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing