retitle 661548 libyaml-libyaml-perl: CVE-2012-1152: Format string vulnerabilities in YAML parsing thanks
On Fri, Mar 09, 2012 at 08:09:54AM +0200, Niko Tyni wrote: > severity 661548 grave > tag 661548 security > found 661548 0.33-1 > thanks > > On Mon, Feb 27, 2012 at 09:44:42PM +0000, Dominic Hargreaves wrote: > > Source: libyaml-libyaml-perl > > Severity: normal > > Version: 0.38-1 > > User: debian...@lists.debian.org > > Usertags: hardening-format-security hardening > > > > With hardening flags enabled, this package FTBFS: > These format strings can be injected from user input, > so raising the severity. A DSA will be issued for squeeze. This is CVE-2012-1152. http://seclists.org/oss-sec/2012/q1/609 -- Niko Tyni nt...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
