Package: pyyaml / 5.3.1-5

Metadata

Package Version Patches format
pyyaml 5.3.1-5 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
fatal_test_failures.patch | (download)

tests/lib3/test_appliance.py | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 patch upstream test system to make test failures fatal
cve 2020 14343.patch | (download)

lib/yaml/constructor.py | 24 12 + 12 - 0 !
lib3/yaml/constructor.py | 24 12 + 12 - 0 !
tests/lib/test_recursive.py | 2 1 + 1 - 0 !
tests/lib3/test_recursive.py | 2 1 + 1 - 0 !
4 files changed, 26 insertions(+), 26 deletions(-)

 fix for cve-2020-14343

Per suggestion https://github.com/yaml/pyyaml/issues/420#issuecomment-663888344
move a few constructors from full_load to unsafe_load.

Bug-Debian: https://bugs.debian.org/966233
Bug-Upstream: https://github.com/yaml/pyyaml/issues/420