File _patchinfo of Package patchinfo.23005

<patchinfo incident="23005">
  <issue tracker="cve" id="2018-20573"/>
  <issue tracker="cve" id="2019-6285"/>
  <issue tracker="cve" id="2018-20574"/>
  <issue tracker="cve" id="2019-6292"/>
  <issue tracker="bnc" id="1121227">VUL-1: CVE-2018-20573: yaml-cpp: The Scanner:EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause DOS via a crafted YAML file</issue>
  <issue tracker="bnc" id="1122004">VUL-1: CVE-2019-6285: yaml-cpp: The SingleDocParser::HandleFlowSequence function in cpp allows remote attackers to cause DOS via a crafted YAML file</issue>
  <issue tracker="bnc" id="1121230">VUL-1: CVE-2018-20574: yaml-cpp: The SingleDocParser:HandleFlowMap function in yaml-cpp allows remote attackers to cause DOS via a crafted YAML file</issue>
  <issue tracker="bnc" id="1122021">VUL-1: CVE-2019-6292: yaml-cpp: An issue was discovered in singledocparser.cpp in yaml-cpp which cause DOS by stack consumption</issue>
  <packager>dspinella</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for yaml-cpp</summary>
  <description>This update for yaml-cpp fixes the following issues:

- CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue (bsc#1121227).
- CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap (bsc#1121230).
- CVE-2019-6285: Fixed remote DOS via a crafted YAML file in function SingleDocParser::HandleFlowSequence (bsc#1122004).
- CVE-2019-6292: Fixed DOS by stack consumption in singledocparser.cpp (bsc#1122021).
</description>
</patchinfo>