Ubuntu Update For Libyaml USN-2098-2 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

USN-2098-1 fixed a vulnerability in LibYAML. The security fix used introduced a regression that caused parsing failures for certain valid YAML files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Florian Weimer discovered that LibYAML incorrectly handled certain large yaml documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected

libyaml on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS

Severity

Classification

CVSS Base Score: 6.0
AV:L/AC:H/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for acpi-support USN-2297-1
Ubuntu Update for bogofilter vulnerability USN-980-1
Ubuntu Update for cups USN-1207-1
Ubuntu Update for apt USN-1762-1
Ubuntu Update for cups, cupsys vulnerabilities USN-952-1

Ubuntu Update for libyaml USN-2098-2

Take action and discover your vulnerabilities