Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 21 Security Update: 2015-4642 Critical PyYAML Vulnerability Fix

fedora
Calendar Grey April 5, 2015
Dist Fedora Esm H88
An essential security patch for the PyYAML package in Fedora 21 tackles CVE-2014-9130 to improve protection.
Security fix for CVE-2014-9130

Summary

YAML is a data serialization format designed for human readability and

interaction with scripting languages. PyYAML is a YAML parser and

emitter for Python.

PyYAML features a complete YAML 1.1 parser, Unicode support, pickle

support, capable extension API, and sensible error messages. PyYAML

supports standard YAML tags and provides Python-specific tags that

allow to represent an arbitrary Python object.

PyYAML is applicable for a broad range of tasks from complex

configuration files to object serialization and persistance.

Update Information:

Security fix for CVE-2014-9130

Topics%20covered

Topics Covered

security advisory critical software update Fedora PyYAML CVE-2014-9130 data serialization

Change Log

* Mon Mar 23 2015 John Eckersberg - 3.11-7 - Add patch for CVE-2014-9130 (bug 1204829)

References


[ 1 ] Bug #1204829 - PyYAML: assert failure when processing wrapped strings https://bugzilla.redhat.com/show_bug.cgi?id=1204829

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update PyYAML' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: PyYAML
Product: Fedora 21
Version: 3.11Release : 7.fc21
URL: https://pyyaml.org/
Summary: YAML parser and emitter for Python

Topics%20covered

Topics Covered

security advisory critical software update Fedora PyYAML CVE-2014-9130 data serialization

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here