what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3115-1

Debian Security Advisory 3115-1
Posted Dec 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3115-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash.

tags | advisory, python
systems | linux, debian
advisories | CVE-2014-9130
SHA-256 | 49ad22f3dd836f0d44e1d28a7e4a30bff012d8ec8e5bbb52b850fe99bc1e870b

Debian Security Advisory 3115-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3115-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
December 29, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : pyyaml
CVE ID : CVE-2014-9130
Debian Bug : 772815

Jonathan Gray and Stanislaw Pitucha found an assertion failure in the
way wrapped strings are parsed in Python-YAML, a YAML parser and emitter
for Python. An attacker able to load specially crafted YAML input into an
application using python-yaml could cause the application to crash.

For the stable distribution (wheezy), this problem has been fixed in
version 3.10-4+deb7u1.

For the upcoming stable distribution (jessie), this problem has been
fixed in version 3.11-2.

For the unstable distribution (sid), this problem has been fixed in
version 3.11-2.

We recommend that you upgrade your pyyaml packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUochoAAoJEBDCk7bDfE42uksP/iffDvE9L3Wm1DcVVgtWmzgK
Piq6PdO3ztbcSW6av53E5MgVDixQgmyqPluWQOU0GGdcbWtpNBbWw7loyLjeu692
d0pVvxtmDQXWaXMcYTMxPnL6mub6HtIUSxeaymiOSeY7kAaV4HOntPQrivMrPM0n
hlmtQsu6whSXP3BqaXffL9mGeIVfmknGnMOdkJq41nrSJIkjN/BN+jBca8BHhizA
J0ntxYu0CZyLUTKyKWhTTmgxRPWTyyr/+s3a7Xrjn6+Wkj8SF7XP+2NLLLDshY/R
tBSfuRmk+tx/249PTXhLEvQvS7mR+FouMfYHsAJjPtIqmxXk6BkRxI3W4I5felP+
ntAGX22o51SAIrm4fQDKlJW5wDowRu1iP7K8uQx2xWhGLo7w3QIreYU1J/ny6Xpe
Ms57exgDHnYrmJs68bdAKRHTyZScr+4s/DapW/awBBLap3uhU3qjMfnyj4XDhC+u
5gkIcok8uBxvkS4Sh1zkykNJL8efEY0CeyzNiAMwkSG3qfC9EgSQFh7M8bNg6Iie
8gnGy4WpqecY2lpE5ZmAThlsFmoWhIhM6AVRqKqcSYI/2P4qs/mhxTeTqphh7+xe
Fz3r2CNAQtF0T2wU66+BVFg+6IYUkyjHg/GdtGAfvR7UVdNN8fwlao8U+bTaEfD+
EQoTq8Ql4+hnEJR+Sk1r
=Usft
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close