Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-6393

Published: 27 January 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

Notes

AuthorNote
mdeslaur
regression was introduced in USN-2098-1
redhat created three patches:
libyaml-string-overflow.patch is upstream
1d73f004f49e6962cf936da98aecf0aec95c4c50
libyaml-node-id-hardening.patch seems to have been done
differently upstream in b77d42277c32b58a114a0fa0968038a4b0ab24f4
libyaml-indent-column-overflow-v2.patch was done differently
upstream in f859ed1eb757a3562b98a28a8ce69274bfd4b3f2 and
af3599437a87162554787c52d8b16eab553f537b

Priority

Medium

Status

Package Release Status
libyaml
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise
Released (0.1.4-2ubuntu0.12.04.1)
quantal
Released (0.1.4-2ubuntu0.12.10.1)
raring Ignored
(end of life)
saucy
Released (0.1.4-2ubuntu0.13.10.1)
upstream
Released (0.1.5)
Patches:
upstream: https://bitbucket.org/xi/libyaml/commits/1d73f004f49e6962cf936da98aecf0aec95c4c50
upstream: https://bitbucket.org/xi/libyaml/commits/b77d42277c32b58a114a0fa0968038a4b0ab24f4
upstream: https://bitbucket.org/xi/libyaml/commits/f859ed1eb757a3562b98a28a8ce69274bfd4b3f2
upstream: https://bitbucket.org/xi/libyaml/commits/0df2fb962294f3a6df1450a3e08c6a0f74f9078c
upstream: https://bitbucket.org/xi/libyaml/commits/af3599437a87162554787c52d8b16eab553f537b
libyaml-libyaml-perl
Launchpad, Ubuntu, Debian
lucid Ignored
(end of life)
precise
Released (0.38-2ubuntu0.1)
quantal
Released (0.38-3ubuntu0.12.10.1)
saucy
Released (0.38-3ubuntu0.13.10.1)
upstream Needed