Candidate: CVE-2017-11692
PublicDate: 2017-07-30 17:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11692
Description:
 The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and
 earlier allows remote attackers to cause a denial of service (assertion
 failure and application exit) via a '!2' string.
Ubuntu-Description:
Notes:
Bugs:
 https://github.com/jbeder/yaml-cpp/issues/519
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870327
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870326
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]

Patches_yaml-cpp0.3:
upstream_yaml-cpp0.3: needs-triage
precise/esm_yaml-cpp0.3: DNE
trusty_yaml-cpp0.3: ignored (reached end-of-life)
trusty/esm_yaml-cpp0.3: DNE (trusty was needed)
vivid/ubuntu-core_yaml-cpp0.3: DNE
xenial_yaml-cpp0.3: ignored (end of standard support, was needed)
zesty_yaml-cpp0.3: ignored (reached end-of-life)
artful_yaml-cpp0.3: ignored (reached end-of-life)
bionic_yaml-cpp0.3: needed
cosmic_yaml-cpp0.3: ignored (reached end-of-life)
disco_yaml-cpp0.3: DNE
eoan_yaml-cpp0.3: DNE
focal_yaml-cpp0.3: DNE
groovy_yaml-cpp0.3: DNE
hirsute_yaml-cpp0.3: DNE
impish_yaml-cpp0.3: DNE
jammy_yaml-cpp0.3: DNE
devel_yaml-cpp0.3: DNE

Patches_yaml-cpp:
 upstream: https://github.com/jbeder/yaml-cpp/commit/c9460110e072df84b7dee3eb651f2ec5df75fb18
upstream_yaml-cpp: released (0.6.3-1)
precise/esm_yaml-cpp: DNE
trusty_yaml-cpp: ignored (out of standard support)
trusty/esm_yaml-cpp: needed
vivid/ubuntu-core_yaml-cpp: DNE
xenial_yaml-cpp: ignored (end of standard support, was needed)
zesty_yaml-cpp: ignored (reached end-of-life)
artful_yaml-cpp: ignored (reached end-of-life)
bionic_yaml-cpp: needed
cosmic_yaml-cpp: ignored (reached end-of-life)
disco_yaml-cpp: ignored (reached end-of-life)
eoan_yaml-cpp: ignored (reached end-of-life)
focal_yaml-cpp: needed
groovy_yaml-cpp: not-affected (0.6.3-9)
hirsute_yaml-cpp: not-affected (0.6.3-9)
impish_yaml-cpp: not-affected (0.6.3-9)
jammy_yaml-cpp: not-affected (0.6.3-9)
devel_yaml-cpp: not-affected (0.6.3-9)