File libyaml.changes of Package libyaml.39816
------------------------------------------------------------------- Sun Dec 31 22:20:11 UTC 2017 - avindra@opensuse.org - update to 0.1.7 * Fixed segfault in yaml_string_write_handler * Fixed invalid simple key assertion (CVE-2014-9130) * Fixed error handling in some examples - remove CVE-2014-9130.patch - fixed upstream in 946596172d140497b560e016e581accb0a92cca4 - cleanup spec file with spec-cleaner ------------------------------------------------------------------- Wed Dec 3 12:49:34 UTC 2014 - jmassaguerpla@suse.com - fix CVE-2014-9130: libyaml: assert failure when processing wrapped strings (bnc#907809) CVE-2014-9130.patch contains the fix ------------------------------------------------------------------- Fri Mar 28 16:10:41 UTC 2014 - jmassaguerpla@suse.com - update to 0.1.6 is a security update release for: * CVE-2014-2525: heap overflow during parsing (bnc#868944) bnc#860617) ------------------------------------------------------------------- Fri Feb 7 16:25:48 UTC 2014 - dmueller@suse.com - update to 0.1.5: * Manually define PTRDIFF_MAX for VS C compiler * Limit input size to SIZE_MAX/2 * Guard against overflows in indent and flow_level (CVE-2013-6393, bnc#860617) * Prevent node index overflow (Reported by Florian Weimer). * Fixed invalid size_t->int cast (Thank to Florian Weimer). ------------------------------------------------------------------- Tue Mar 26 12:25:02 UTC 2013 - dmueller@suse.com - update to 0.1.4: * documentation update * add pkgconfig support ------------------------------------------------------------------- Sun Jan 29 21:44:24 UTC 2012 - jengelh@medozas.de - Remove redundant tags/sections per specfile guideline suggestions ------------------------------------------------------------------- Wed Feb 9 19:05:55 UTC 2011 - pascal.bleser@opensuse.org - fixed erroneous license from GPLv2 to MIT, bnc#670525 ------------------------------------------------------------------- Tue Apr 6 22:55:47 UTC 2010 - mrueckert@suse.de - initial package of version 0.1.3




