Ubuntu
snakeyaml package

snakeyaml 1.25+ds-2ubuntu0.1 source package in Ubuntu

Changelog

snakeyaml (1.25+ds-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of service due to stack overflow
    - debian/patches/CVE-2022-25857.patch: Restrict nested depth for
      collections to avoid DoS attacks.
    - CVE-2022-25857
    - CVE-2022-38749
  * SECURITY UPDATE: Denial of service due to stack overflow
    - debian/patches/CVE-2022-38750.patch: Adds test for upstream issue 526.
    - CVE-2022-38750
  * SECURITY UPDATE: Denial of service due to stack overflow
    - debian/patches/CVE-2022-38751.patch: Add resolver limits to avoid DoS
      attacks.
    - CVE-2022-38751

 -- Fabian Toepfer <email address hidden>  Thu, 09 Mar 2023 19:41:51 +0100

Upload details

Uploaded by:
Fabian Toepfer
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
java
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates universe misc
Focal security universe misc

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
snakeyaml_1.25+ds.orig.tar.xz 260.4 KiB 33fec01ea1d180a1f9ae38e1e3d1dab71d7abf5e81e95f4ad3837cf891b909c4
snakeyaml_1.25+ds-2ubuntu0.1.debian.tar.xz 13.0 KiB 7dac7dafa85c40c706c08175485b4e3131ee14acbbe26e2d811961f960c7eff8
snakeyaml_1.25+ds-2ubuntu0.1.dsc 2.5 KiB 600d26102b1347a9fc8b1882930c146d5b8482d0597979e4ad2e003af8f01500

View changes file

Binary packages built by this source

libyaml-snake-java: YAML parser and emitter for the Java programming language

 SnakeYAML is a YAML parser and emitter for the Java programming language.
 .
 SnakeYAML features
 .
  * a complete YAML 1.1 parser. In particular, SnakeYAML can parse all
    examples from the specification.
  * Unicode support including UTF-8/UTF-16 input/output.
  * high-level API for serializing and deserializing native Java objects.
  * support for all types from the YAML types repository.
  * relatively sensible error messages.

libyaml-snake-java-doc: Documentation for SnakeYAML

 SnakeYAML is a YAML parser and emitter for the Java programming
 language.
 .
 This package contains the API documentation of libyaml-snake-java.