The system could be made to expose sensitive information.
Software Description:
- libyaml-syck-perl: Perl module providing a fast, lightweight YAML loader and dumper
Details:
It was discovered that YAML::Syck did not properly handle parsing YAML
files. An attacker could possibly use this issue to expose sensitive
information.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
libyaml-syck-perl 1.34-3ubuntu0.1
Ubuntu 25.04
libyaml-syck-perl 1.34-2ubuntu0.25.04.1
Ubuntu 24.04 LTS
libyaml-syck-perl 1.34-2ubuntu0.24.04.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
libyaml-syck-perl 1.34-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libyaml-syck-perl 1.31-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libyaml-syck-perl 1.29-1ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libyaml-syck-perl 1.29-1ubuntu0.16.04.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-7844-1
CVE-2025-11683
Get the latest Linux and open source security news straight to your inbox.