-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2014.0130.2
                          libyaml security update
                             13 February 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           libyaml
Publisher:         Debian
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
                   Debian GNU/Linux 6
                   Debian GNU/Linux 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2013-6393  

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-2850

Comment: This bulletin contains two (2) Debian security advisories.
         
         This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running libyaml check for an updated version of the software for 
         their operating system.

Revision History:  February 13 2014: The security update released in DSA-2850-1 
                                     for libyaml introduced a regression in 
                                     libyaml
                   February  3 2014: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2850-2                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
February 12, 2014                      http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : libyaml
Vulnerability  : regression
Debian Bug     : 738587

The security update released in DSA-2850-1 for libyaml introduced a
regression that caused libyaml to fail to parse a subset of valid YAML
documents. For reference the original advisory text follows.

Florian Weimer of the Red Hat Product Security Team discovered a
heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and
emitter library. A remote attacker could provide a YAML document with a
specially-crafted tag that, when parsed by an application using libyaml,
would cause the application to crash or, potentially, execute arbitrary
code with the privileges of the user running the application.

For the oldstable distribution (squeeze), this problem has been fixed in
version 0.1.3-1+deb6u3.

For the stable distribution (wheezy), this problem has been fixed in
version 0.1.4-2+deb7u3.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your libyaml packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-2850-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
January 31, 2014                       http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : libyaml
Vulnerability  : heap-based buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2013-6393
Debian Bug     : 737076

Florian Weimer of the Red Hat Product Security Team discovered a
heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and
emitter library. A remote attacker could provide a YAML document with a
specially-crafted tag that, when parsed by an application using libyaml,
would cause the application to crash or, potentially, execute arbitrary
code with the privileges of the user running the application.

For the oldstable distribution (squeeze), this problem has been fixed in
version 0.1.3-1+deb6u2.

For the stable distribution (wheezy), this problem has been fixed in
version 0.1.4-2+deb7u2.

For the unstable distribution (sid), this problem has been fixed in
version 0.1.4-3.

We recommend that you upgrade your libyaml packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
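
One check an administrator would want after reading both advisories: decide from the
installed package version whether a host is still vulnerable to CVE-2013-6393, has the
DSA-2850-1 fix but with its parsing regression, or carries the DSA-2850-2 version. The
following is an added example, not text or code from AusCERT or Debian. The fixed
versions are the ones quoted in the two advisories; the dpkg version ordering is
re-implemented so the check runs without dpkg, the binary package name libyaml-0-2 is
assumed, and the dpkg-query line fed to it is a constructed sample.

```python
"""Classify an installed Debian libyaml package against DSA-2850-1 and DSA-2850-2.

Added example, not part of the AusCERT bulletin or of Debian's advisories.
Re-implements dpkg's version ordering (epoch, upstream, revision; digit runs
numerically, non-digit runs lexically with '~' sorting before everything).
"""

# Fixed versions taken from the advisory text:
#   first entry  = DSA-2850-1 (closes CVE-2013-6393)
#   second entry = DSA-2850-2 (also repairs the parsing regression)
# DSA-2850-2 names no fixed version for sid, so only the two releases are listed.
FIXED_VERSIONS = {
    "squeeze": ("0.1.3-1+deb6u2", "0.1.3-1+deb6u3"),
    "wheezy": ("0.1.4-2+deb7u2", "0.1.4-2+deb7u3"),
}

DIGITS = "0123456789"


def _order(c):
    """Sort weight of one character inside a non-digit run, as in dpkg."""
    if c == "~":
        return -1          # '~' sorts before anything, even end of string
    if c == "" or c in DIGITS:
        return 0
    if c.isalpha():
        return ord(c)      # letters sort before non-letters
    return ord(c) + 256


def _verrevcmp(a, b):
    """Compare two upstream-version or revision strings (dpkg algorithm)."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        # Non-digit run: compare character by character.
        while (i < len(a) and a[i] not in DIGITS) or (j < len(b) and b[j] not in DIGITS):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Digit run: drop leading zeros; a longer run is larger, else the
        # first differing digit decides.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and a[i] in DIGITS and j < len(b) and b[j] in DIGITS:
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i] in DIGITS:
            return 1
        if j < len(b) and b[j] in DIGITS:
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(v):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        epoch = int(e)
    if "-" in v:
        upstream, revision = v.rsplit("-", 1)
    else:
        upstream, revision = v, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return <0, 0 or >0 as Debian version a is older than, equal to or newer than b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return ea - eb
    return _verrevcmp(ua, ub) or _verrevcmp(ra, rb)


def parse_dpkg_query_line(line):
    # One line of: dpkg-query -W -f='${Package}\t${Version}\n' libyaml-0-2
    package, version = line.rstrip("\n").split("\t", 1)
    return package, version


def assess_libyaml(codename, installed):
    """'vulnerable', 'regression' (CVE fixed, DSA-2850-1 regression present) or 'fixed'."""
    cve_fix, regression_fix = FIXED_VERSIONS[codename]
    if compare_versions(installed, cve_fix) < 0:
        return "vulnerable"
    if compare_versions(installed, regression_fix) < 0:
        return "regression"
    return "fixed"


if __name__ == "__main__":
    # Constructed sample line, shaped like dpkg-query output on a wheezy host.
    pkg, ver = parse_dpkg_query_line("libyaml-0-2:amd64\t0.1.4-2+deb7u1\n")
    print(pkg, ver, assess_libyaml("wheezy", ver))
```

On a real host, pipe the dpkg-query command from the comment into parse_dpkg_query_line
and pass the release codename to assess_libyaml. A package version check only covers
the shared library from Debian's package; applications that bundle or statically link
their own copy of libyaml, and libyaml on the other platforms the bulletin mentions,
need to be checked separately.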

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----