Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

openSUSE perl-YAML-Syck Moderate Security Update 2026-0180-1

opensuse
Calendar Grey May 30, 2026
Dist Opensuse Esm H88
Two key vulnerabilities addressed in perl-YAML-Syck update for openSUSE ensuring improved stability and security.
An update that fixes two vulnerabilities is now available.

Description

This update for perl-YAML-Syck fixes the following issues:

updated to 1.450.0 (1.45) see

/usr/share/doc/packages/perl-YAML-Syck/Changes

* 1.45 Apr 23 2026

[Bug Fixes]

- Fix: use syck_base64_free() to fix Windows "Free to wrong pool"

crash in base64 encode/decode buffers; also plugs a memory leak (PR

#189)

- Fix: clear type tag on blessed scalar alias early-return so the

stale tag no longer leaks onto the next emitted item (GH #193, PR

#194)

- Fix: negative float#base60 values produce wrong results; strip sign

before accumulating and avoid negative zero for portable

stringification (PR #191)

- Fix: prevent memory leaks when Load/LoadJSON croak on parse errors

(PR #192)

[Maintenance]

- Test: add coverage for SortKeys and JSON MaxDepth (PR #188)

- Test: add error handling coverage for LoadFile/DumpFile (PR #190)

- Update README

updated to...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-180=1

Package List

- openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

perl-YAML-Syck-1.450.0-bp157.2.3.1

References

https://www.suse.com/security/cve/CVE-2025-11683.html

https://www.suse.com/security/cve/CVE-2026-4177.html

https://bugzilla.suse.com/1252111

https://bugzilla.suse.com/1259757

Severity
moderate
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0180-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here