SUSE 5182 Published by

A perl-YAML-LibYAML security update has been released for openSUSE Leap 15.1.



security-announce: openSUSE-SU-2020:1089-1: moderate: Security update for perl-YAML-LibYAML


openSUSE Security Update: Security update for perl-YAML-LibYAML
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1089-1
Rating: moderate
References: #1173703
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for perl-YAML-LibYAML fixes the following issues:

perl-YAML-LibYAML was updated to 0.69: [bsc#1173703]

* Security fix: Add $LoadBlessed option to turn on/off loading objects:
Default is set to true. Note that, the behavior is unchanged.
* Clarify documentation about exported functions
* Dump() was modifying original data, adding a PV to numbers
* Support standard tags !!str, !!map and !!seq instead of dying.
* Support JSON::PP::Boolean and boolean.pm via $YAML::XS::Boolean.
* Fix regex roundtrip. Fix loading of many regexes.

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1089=1


Package List:

- openSUSE Leap 15.1 (i586 x86_64):

perl-YAML-LibYAML-0.69-lp151.3.3.1
perl-YAML-LibYAML-debuginfo-0.69-lp151.3.3.1
perl-YAML-LibYAML-debugsource-0.69-lp151.3.3.1

References:

  https://bugzilla.suse.com/1173703