This update for perl-YAML-Syck fixes the following issues:
updated to 1.450.0 (1.45) see
/usr/share/doc/packages/perl-YAML-Syck/Changes
* 1.45 Apr 23 2026
[Bug Fixes]
- Fix: use syck_base64_free() to fix Windows "Free to wrong pool"
crash in base64 encode/decode buffers; also plugs a memory leak (PR
#189)
- Fix: clear type tag on blessed scalar alias early-return so the
stale tag no longer leaks onto the next emitted item (GH #193, PR
#194)
- Fix: negative float#base60 values produce wrong results; strip sign
before accumulating and avoid negative zero for portable
stringification (PR #191)
- Fix: prevent memory leaks when Load/LoadJSON croak on parse errors
(PR #192)
[Maintenance]
- Test: add coverage for SortKeys and JSON MaxDepth (PR #188)
- Test: add error handling coverage for LoadFile/DumpFile (PR #190)
- Update README
updated to...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP7:
zypper in -t patch openSUSE-2026-180=1
- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):
perl-YAML-Syck-1.450.0-bp157.2.3.1
https://www.suse.com/security/cve/CVE-2025-11683.html
https://www.suse.com/security/cve/CVE-2026-4177.html
https://bugzilla.suse.com/1252111
https://bugzilla.suse.com/1259757
Get the latest Linux and open source security news straight to your inbox.