rpms/libyaml
7
0
Fork 0
Code Issues Pull Requests Releases Activity

New upstream release 0.1.7 (RHBZ#1371154)

Browse Source
This commit is contained in:
John Eckersberg 2016-08-29 12:35:23 -04:00
parent 37b704866e
commit 28923bef1f
4 changed files with 7 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,3 +2,4 @@ yaml-0.1.3.tar.gz
/yaml-0.1.4.tar.gz
/yaml-0.1.5.tar.gz
/yaml-0.1.6.tar.gz
/yaml-0.1.7.tar.gz

28
libyaml-CVE-2014-9130.patch
View File

@ -1,28 +0,0 @@
From e6aa721cc0e5a48f408c52355559fd36780ba32a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ingy=20d=C3=B6t=20Net?= <ingy@ingy.net>
Date: Fri, 28 Nov 2014 09:21:49 -0800
Subject: [PATCH] Fix for https://bitbucket.org/xi/libyaml/issue/10/
https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
Commenting out the assert makes the scanner do the right thing and
results in just a simple parse failure.
---
src/scanner.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/scanner.c b/src/scanner.c
index 88d4fa5..c5f3d2f 100644
--- a/src/scanner.c
+++ b/src/scanner.c
@@ -1110,7 +1110,9 @@ yaml_parser_save_simple_key(yaml_parser_t *parser)
* line. Therefore it is always allowed. But we add a check anyway.
*/
- assert(parser->simple_key_allowed || !required); /* Impossible. */
+ /* XXX This caused:
+ * https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
+ assert(parser->simple_key_allowed || !required); */ /* Impossible. */
/*
* If the current position may start a simple key, save it.

10
libyaml.spec
View File

@ -3,8 +3,8 @@
#====================================================================#
Name: libyaml
Version: 0.1.6
Release: 8%{?dist}
Version: 0.1.7
Release: 1%{?dist}
Summary: YAML 1.1 parser and emitter written in C
Group: System Environment/Libraries
@ -13,8 +13,6 @@ URL: http://pyyaml.org/
Source0: http://pyyaml.org/download/libyaml/%{tarballname}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Patch0: libyaml-CVE-2014-9130.patch
%description
YAML is a data serialization format designed for human readability and
interaction with scripting languages. LibYAML is a YAML parser and
@ -35,7 +33,6 @@ developing applications that use LibYAML.
%prep
%setup -q -n %{tarballname}-%{version}
%patch0 -p1
%build
%configure
@ -83,6 +80,9 @@ rm -rf %{buildroot}
%changelog
* Mon Aug 29 2016 John Eckersberg <eck@redhat.com> - 0.1.7-1
- New upstream release 0.1.7 (RHBZ#1371154)
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.6-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
5fe00cda18ca5daeb43762b80c38e06e yaml-0.1.6.tar.gz
1abf45bd3a96374fa55ca63b32f9f2f9 yaml-0.1.7.tar.gz