Register | Log in

yaml-cpp

Choose email to subscribe with

general

source: yaml-cpp (main)
version: 0.6.3-9
maintainer: Simon Quigley (DMD)
uploaders: Gianfranco Costamagna [DMD]
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.5.1-1
oldstable: 0.5.2-4
stable: 0.6.2-4
testing: 0.6.3-9
unstable: 0.6.3-9

versioned links

0.5.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.5.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.6.3-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libyaml-cpp-dev
libyaml-cpp0.6

action needed

Multiarch hinter reports 1 issue(s) normal

There are issues with the multiarch metadata for this package.

libyaml-cpp-dev could be marked Multi-Arch: same

Created: 2020-05-09 Last update: 2020-10-27 16:05

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2020-10-11 Last update: 2020-10-27 13:38

6 ignored security issues in stretch low

There are 6 open security issues in stretch.

6 issues skipped by the security teams:

CVE-2017-11692: The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
CVE-2017-5950: The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20573: The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20574: The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6285: The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6292: An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.

Please fix them.

Created: 2017-04-03 Last update: 2020-08-07 06:08

6 ignored security issues in buster low

There are 6 open security issues in buster.

6 issues skipped by the security teams:

CVE-2017-11692: The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.
CVE-2017-5950: The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20573: The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2018-20574: The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6285: The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
CVE-2019-6292: An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.

Please fix them.

Created: 2017-06-18 Last update: 2020-08-07 06:08

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2014-07-02 Last update: 2020-05-19 20:02

news

[2020-06-03] yaml-cpp 0.6.3-9 MIGRATED to testing (Debian testing watch)
[2020-05-29] Accepted yaml-cpp 0.6.3-9 (source) into unstable (Gianfranco Costamagna)
[2020-05-24] yaml-cpp 0.6.3-8 MIGRATED to testing (Debian testing watch)
[2020-05-19] Accepted yaml-cpp 0.6.3-8 (source) into unstable (Gianfranco Costamagna)
[2020-05-19] yaml-cpp 0.6.3-7 MIGRATED to testing (Debian testing watch)
[2020-05-13] Accepted yaml-cpp 0.6.3-7 (source) into unstable (Gianfranco Costamagna)
[2020-05-10] Accepted yaml-cpp 0.6.3-6 (source) into unstable (Simon Quigley)
[2020-05-09] Accepted yaml-cpp 0.6.3-5 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-4 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-2 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-1.2 (source) into unstable (Gianfranco Costamagna)
[2020-05-08] Accepted yaml-cpp 0.6.3-1.1 (source) into unstable (Gianfranco Costamagna)
[2020-04-30] Accepted yaml-cpp 0.6.3-1 (source) into unstable (Simon Quigley)
[2019-01-13] yaml-cpp 0.6.2-4 MIGRATED to testing (Debian testing watch)
[2019-01-07] Accepted yaml-cpp 0.6.2-4 (source) into unstable (Simon Quigley)
[2019-01-05] Accepted yaml-cpp 0.6.2-3 (source) into experimental (Simon Quigley)
[2018-12-24] Accepted yaml-cpp 0.6.2-2 (source) into experimental (Simon Quigley)
[2018-12-12] yaml-cpp 0.5.3-0.2 MIGRATED to testing (Debian testing watch)
[2018-12-03] Accepted yaml-cpp 0.6.2-1 (source amd64) into experimental, experimental (Simon Quigley)
[2018-11-23] Accepted yaml-cpp 0.5.3-0.2 (source amd64) into unstable, unstable (Julian Andres Klode)
[2018-11-19] Accepted yaml-cpp 0.5.3-0.1 (source) into unstable (Boyuan Yang)
[2018-11-19] Accepted yaml-cpp 0.5.2-4.1 (source) into unstable (Boyuan Yang)
[2016-10-18] yaml-cpp 0.5.2-4 MIGRATED to testing (Debian testing watch)
[2016-10-13] Accepted yaml-cpp 0.5.2-4 (source amd64) into unstable (Paul Novotny)
[2016-07-08] yaml-cpp 0.5.2-3.1 MIGRATED to testing (Debian testing watch)
[2016-07-02] Accepted yaml-cpp 0.5.2-3.1 (source) into unstable (Christian Hofstaedtler)
[2015-12-06] yaml-cpp 0.5.2-3 MIGRATED to testing (Debian testing watch)
[2015-12-01] Accepted yaml-cpp 0.5.2-3 (source amd64) into unstable (Paul Novotny)
[2015-09-10] yaml-cpp 0.5.2-2 MIGRATED to testing (Britney)
[2015-09-04] Accepted yaml-cpp 0.5.2-2 (amd64 source) into unstable, unstable (Paul Novotny) (signed by: Simon McVittie)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.6.3-9

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing