Updated python-yaml packages fix security vulnerability
Publication date: 05 Jan 2015Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9130
Description
Updated python-yaml packages fix security vulnerability: Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash. This issue is similar to CVE-2014-9130, but the assertion was independently implemented in Python-YAML.
References
SRPMS
4/core
- python-yaml-3.10-5.1.mga4