| Release | Version |
|---|---|
| bullseye | 0.82+repack-1 |
| bookworm | 0.86+ds-1+deb12u1 |
| trixie | 0.903.0+ds-1 |
| forky | 0.904.0+ds-1 |
| sid | 0.904.0+ds-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-40908 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing exis ... |
| Bug | Description |
|---|---|
| CVE-2014-9130 | scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka ... |
| CVE-2014-2525 | Heap-based buffer overflow in the yaml_parser_scan_uri_escapes functio ... |
| CVE-2013-6393 | The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0 ... |
| CVE-2012-1152 | Multiple format string vulnerabilities in the error reporting function ... |
| DSA / DLA | Description |
|---|---|
| DLA-109-1 | libyaml-libyaml-perl - security update |
| DSA-3103-1 | libyaml-libyaml-perl - security update |
| DSA-2885-1 | libyaml-libyaml-perl - security update |
| DSA-2870-1 | libyaml-libyaml-perl - heap-based buffer overflow |
| DSA-2432-1 | libyaml-libyaml-perl - format string vulnerability |