Ubuntu
libyaml package

lp://qastaging/ubuntu/utopic-updates/libyaml

Utopic (14.10)
utopic-updates

Created by Ubuntu Package Importer on 2015-01-12 and last modified on 2015-01-12

Get this branch:: bzr branch lp://qastaging/ubuntu/utopic-updates/libyaml

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

13. By Steve Beattie on 2015-01-08: * SECURITY UPDATE: denial of service via triggered assertion
- debian/patches/CVE-2014-9130.patch: remove assertion
- CVE-2014-9130
12. By Anders Kaseorg on 2014-08-19: * New upstream version 0.1.6.
  + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML
    tags.
  + Fix CVE-2014-2525: heap-based buffer overflow in
    yaml_parser_scan_uri_escapes.
* Drop upstreamed patches.
* Run tests at build time.
* Bump Standards-Version to 3.9.5 (no changes needed).
* Use dh-autoreconf. (Closes: #745078)
* Use dh-buildinfo.
* Add libyaml-doc package for Doxygen-generated API documentation and
  examples. (Closes: #696821)
* Acknowledge NMUs.
11. By Marc Deslauriers on 2014-04-02: * SECURITY UPDATE: denial of service and possible code execution via
  heap overflow in yaml_parser_scan_uri_escapes
  - debian/patches/CVE-2014-2525.patch: properly handle memory in
    src/scanner.c, src/yaml_private.h.
  - CVE-2014-2525
10. By Marc Deslauriers on 2014-02-13: * SECURITY REGRESSION: parsing regression in security update
  (LP: #1279805)
  - debian/patches/CVE-2013-6393.patch: use upstream commits from 0.1.5.
  - debian/patches/libyaml-string-overflow.patch: removed
  - debian/patches/libyaml-node-id-hardening.patch: removed
  - debian/patches/libyaml-indent-column-overflow-v2.patch: removed
9. By Marc Deslauriers on 2014-01-31: * Merge from Debian. Remaining changes:
- debian/{rules,control}: build-depend on dh-autoreconf and use it.
8. By Adam Conrad on 2013-12-12: debian/{rules,control}: build-depend on dh-autoreconf and use it.
7. By Colin Watson on 2012-10-05: Rebuild for new armel compiler default of ARMv5t.
6. By Anders Kaseorg on 2011-12-30: * Remove extra libyaml-0.so symlink from libyaml-dev.
* Bump Debhelper compat level to 9.
* Support multiarch. (Closes: #653748) (LP: #905630)
* Use 3.0 (quilt) source format.
5. By Anders Kaseorg on 2011-05-30: * New upstream version 0.1.4.
  + Fixed a bug that prevented an empty mapping being used as a simple
    key.
  + Fixed pointer overflow when calculating the position of a potential
    simple key.
  + Added pkg-config support. (Closes: #537834)
* Remove unneded libyaml.la file. (Closes: #622452)
* Add libyaml-0-2-dbg package with debugging symbols.
  (Closes: #592747)
* Bumped standards version to 3.9.2 without further change
4. By Anders Kaseorg on 2009-10-04: * New upstream version 0.1.3.
+ This release fixes non-standard structure initialization and a
streaming-related issue.
* Bump priority from extra to optional.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp://qastaging/ubuntu/vivid/libyaml

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntulibyaml package