Debian Security Advisory
DSA-2432-1 libyaml-libyaml-perl -- format string vulnerabilities
- Date Reported:
- 12 Mar 2012
- Affected Packages:
- libyaml-libyaml-perl
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 661548.
In Mitre's CVE dictionary: CVE-2012-1152. - More information:
-
Dominic Hargreaves and Niko Tyni discovered two format string vulnerabilities in YAML::LibYAML, a Perl interface to the libyaml library.
For the stable distribution (squeeze), this problem has been fixed in version 0.33-1+squeeze1.
For the unstable distribution (sid), this problem has been fixed in version 0.38-2.
We recommend that you upgrade your libyaml-libyaml-perl packages.