CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	Baptiste Daroussin <bapt@FreeBSD.org>
	Mon, 3 Feb 2014 08:13:44 +0000 (08:13 +0000)
committer	Baptiste Daroussin <bapt@FreeBSD.org>
	Mon, 3 Feb 2014 08:13:44 +0000 (08:13 +0000)
commit	968ba8fe77bbcd9df35cab8a764e3240f4c15563
tree	8ba9c93823518470f81b7d371252c24e5404be42	tree \| snapshot
parent	07561ab459d4eaaeb66a35e3eb8a8e1d5ec1a2b2	commit \| diff
parent	5c7ba42d2e90bdd94bb55c80d0787e998fad44f9	commit \| diff

Apply patch for CVE-2013-6393 [1] to fix heap-based buffer overflow when
parsing YAML tags.
Also apply a patch for hardenning the guards againt the issue

The only user in base in yaml is pkg(7) which uses the library a way that it is not affected

Submitted by: delphij
Obtained from: https://bugzilla.redhat.com/show_bug.cgi?id=1033990
MFC after: 3 days
Security: CVE-2013-6393

contrib/libyaml/src/api.c	diff1 \|	diff2 \|	blob \| history
contrib/libyaml/src/scanner.c	diff1 \|	diff2 \|	blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

contrib/libyaml/src/api.c	diff1 \|	diff2 \|	blob \| history
contrib/libyaml/src/scanner.c	diff1 \|	diff2 \|	blob \| history