File _patchinfo of Package patchinfo.25857

<patchinfo incident="25857">
  <issue tracker="bnc" id="1203158">VUL-0: CVE-2022-38750: snakeyaml: uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject.</issue>
  <issue tracker="bnc" id="1203149">VUL-0: CVE-2022-38749: snakeyaml: StackOverflowError for many open unmatched brackets</issue>
  <issue tracker="bnc" id="1203154">VUL-0: CVE-2022-38752: snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode</issue>
  <issue tracker="bnc" id="1203153">VUL-0: CVE-2022-38751: snakeyaml: unrestricted data matched with Regular Expressions</issue>
  <issue tracker="bnc" id="1202932">VUL-0: CVE-2022-25857: snakeyaml: snakeyaml vulnerable to DoS due missing to nested depth limitation for collections</issue>
  <issue tracker="cve" id="2020-13936"/>
  <issue tracker="cve" id="2022-25857"/>
  <issue tracker="cve" id="2022-38751"/>
  <issue tracker="cve" id="2022-38749"/>
  <issue tracker="cve" id="2022-38750"/>
  <issue tracker="cve" id="2022-38752"/>
  <packager>fstrba</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for snakeyaml</summary>
  <description>This update for snakeyaml fixes the following issues:

- CVE-2022-38750: Fixed uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (bsc#1203158).
- CVE-2022-38749: Fixed StackOverflowError for many open unmatched brackets (bsc#1203149).
- CVE-2022-38752: Fixed uncaught exception in java.base/java.util.ArrayList.hashCode (bsc#1203154).
- CVE-2022-38751: Fixed unrestricted data matched with Regular Expressions (bsc#1203153).
- CVE-2022-25857: Fixed denial of service vulnerability due missing to nested depth limitation for collections (bsc#1202932).
</description>
</patchinfo>