libyaml: add fix for CVE-2014-2525 Security Advisory (47cc7a8d) · Commits · poplar / meta-openembedded

Commit 47cc7a8d authored Oct 29, 2014 by

Kang Kai Committed by Martin Jansa Nov 07, 2014

libyaml: add fix for CVE-2014-2525 Security Advisory

Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function
in LibYAML before 0.1.6 allows context-dependent attackers to execute
arbitrary code via a long sequence of percent-encoded characters in a
URI in a YAML file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2525



Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>

parent ffb649d0

Hide whitespace changes

Inline Side-by-side

Please register or to comment

Admin message

libyaml: add fix for CVE-2014-2525 Security Advisory