Files
Kang Kai f58ee5acdd libyaml: add fix for CVE-2014-2525 Security Advisory
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function
in LibYAML before 0.1.6 allows context-dependent attackers to execute
arbitrary code via a long sequence of percent-encoded characters in a
URI in a YAML file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2525

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2014-12-01 14:24:52 +01:00

22 lines
696 B
BlitzBasic

SUMMARY = "LibYAML is a YAML 1.1 parser and emitter written in C."
DESCRIPTION = "LibYAML is a C library for parsing and emitting data in YAML 1.1, \
a human-readable data serialization format. "
HOMEPAGE = "http://pyyaml.org/wiki/LibYAML"
SECTION = "libs/devel"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17"
SRC_URI = "http://pyyaml.org/download/libyaml/yaml-${PV}.tar.gz \
file://libyaml-CVE-2014-2525.patch \
"
SRC_URI[md5sum] = "24f6093c1e840ca5df2eb09291a1dbf1"
SRC_URI[sha256sum] = "fa87ee8fb7b936ec04457bc044cd561155e1000a4d25029867752e543c2d3bef"
S = "${WORKDIR}/yaml-${PV}"
inherit autotools
BBCLASSEXTEND = "native"