regression in CVE-2013-6393 patch

Bug #1279805 reported by Marc Deslauriers
Affects             Status         Importance   Assigned to        Milestone
libyaml (Debian)    Fix Released   Unknown
libyaml (Ubuntu)    Fix Released   Critical     Marc Deslauriers
  Precise           Fix Released   Critical     Marc Deslauriers
  Quantal           Fix Released   Critical     Marc Deslauriers
  Saucy             Fix Released   Critical     Marc Deslauriers

Bug Description

A regression has been reported in the patch used to fix CVE-2013-6393 in USN-2098-1:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738587
https://bugzilla.redhat.com/show_bug.cgi?id=1033990

Upstream has used slightly different fixes in 0.1.5.

Changed in libyaml (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libyaml (Ubuntu Saucy):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libyaml (Ubuntu Quantal):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libyaml (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in libyaml (Debian):
status: Unknown → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libyaml - 0.1.4-2ubuntu0.13.10.2

---------------
libyaml (0.1.4-2ubuntu0.13.10.2) saucy-security; urgency=medium

  * SECURITY REGRESSION: parsing regression in security update
    (LP: #1279805)
    - debian/patches/CVE-2013-6393.patch: updated to use upstream commits
      from 0.1.5.
 -- Marc Deslauriers <email address hidden> Thu, 13 Feb 2014 08:32:45 -0500

Changed in libyaml (Ubuntu Saucy):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libyaml - 0.1.4-2ubuntu0.12.04.2

---------------
libyaml (0.1.4-2ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY REGRESSION: parsing regression in security update
    (LP: #1279805)
    - debian/patches/CVE-2013-6393.patch: updated to use upstream commits
      from 0.1.5.
 -- Marc Deslauriers <email address hidden> Thu, 13 Feb 2014 08:40:49 -0500

Changed in libyaml (Ubuntu Precise):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libyaml - 0.1.4-2ubuntu0.12.10.2

---------------
libyaml (0.1.4-2ubuntu0.12.10.2) quantal-security; urgency=medium

  * SECURITY REGRESSION: parsing regression in security update
    (LP: #1279805)
    - debian/patches/CVE-2013-6393.patch: updated to use upstream commits
      from 0.1.5.
 -- Marc Deslauriers <email address hidden> Thu, 13 Feb 2014 08:39:51 -0500

Changed in libyaml (Ubuntu Quantal):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libyaml - 0.1.4-3ubuntu2

---------------
libyaml (0.1.4-3ubuntu2) trusty; urgency=medium

  * SECURITY REGRESSION: parsing regression in security update
    (LP: #1279805)
    - debian/patches/CVE-2013-6393.patch: use upstream commits from 0.1.5.
    - debian/patches/libyaml-string-overflow.patch: removed
    - debian/patches/libyaml-node-id-hardening.patch: removed
    - debian/patches/libyaml-indent-column-overflow-v2.patch: removed
 -- Marc Deslauriers <email address hidden> Thu, 13 Feb 2014 09:02:35 -0500

Changed in libyaml (Ubuntu Trusty):
status: New → Fix Released
Changed in libyaml (Debian):
status: Fix Committed → Fix Released
Mathew Hodson (mhodson) wrote :
tags: added: regression-update
no longer affects: libyaml (Ubuntu Trusty)
Changed in libyaml (Ubuntu):
importance: Undecided → Critical
Changed in libyaml (Ubuntu Precise):
importance: Undecided → Critical
Changed in libyaml (Ubuntu Quantal):
importance: Undecided → Critical
Changed in libyaml (Ubuntu Saucy):
importance: Undecided → Critical