Mandriva Linux Security Advisory : yaml (MDVSA-2014:242)
Medium Nessus Plugin ID 79987
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated yaml and perl-YAML-LibYAML packages fix security vulnerability :
An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash (CVE-2014-9130).
The perl-YAML-LibYAML package is also affected, as it was derived from the same code. Both have been patched to fix this issue.
SolutionUpdate the affected lib64yaml-devel, lib64yaml0_2 and / or perl-YAML-LibYAML packages.