freebsd-skq

d/freebsd-skq

Fork 0

Commit Graph

Author	SHA1	Message	Date
bapt	689151cc49	Apply patch for CVE-2013-6393 [1] to fix heap-based buffer overflow when parsing YAML tags. Also apply a patch for hardenning the guards againt the issue The only user in base in yaml is pkg(7) which uses the library a way that it is not affected Submitted by: delphij Obtained from: https://bugzilla.redhat.com/show_bug.cgi?id=1033990 MFC after: 3 days Security: CVE-2013-6393	2014-02-03 08:13:44 +00:00
bapt	6dc0386260	Import libyaml as libbsdyml (private brand name) LibYAML is a YAML 1.1 parser and emitter under MIT license which will soon be used by the pkg boostrap (usr.bin/pkg) and bhyve Reviewed by: roberto, antoine	2013-03-04 11:27:41 +00:00

Author

SHA1

Message

Date

bapt

689151cc49

Apply patch for CVE-2013-6393 [1] to fix heap-based buffer overflow when

parsing YAML tags.
Also apply a patch for hardenning the guards againt the issue

The only user in base in yaml is pkg(7) which uses the library a way that it is not affected

Submitted by:	delphij
Obtained from:	https://bugzilla.redhat.com/show_bug.cgi?id=1033990
MFC after:	3 days
Security:	CVE-2013-6393

2014-02-03 08:13:44 +00:00

bapt

6dc0386260

Import libyaml as libbsdyml (private brand name)

LibYAML is a YAML 1.1 parser and emitter under MIT license which will
soon be used by the pkg boostrap (usr.bin/pkg) and bhyve

Reviewed by:	roberto, antoine

2013-03-04 11:27:41 +00:00

2 Commits