libyaml-dev - Fast YAML 1.1 parser and emitter library (development)
# sudo apt-get update
# sudo apt-get install libyaml-dev
2014-11-28 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.6-3) unstable; urgency=high * debian/patches/CVE-2014-9130.patch: Fix CVE-2014-9130 assertion failure caused by wrapped strings. (Closes: #771366) * Bump Standards-Version to 3.9.6 (no changes needed).
2014-08-19 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.6-2) unstable; urgency=medium * Move doxygen from Build-Depends to Build-Depends-Indep.
2014-08-19 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.6-1) unstable; urgency=medium * New upstream version 0.1.6. + Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. + Fix CVE-2014-2525: heap-based buffer overflow in yaml_parser_scan_uri_escapes. * Drop upstreamed patches. * Run tests at build time. * Bump Standards-Version to 3.9.5 (no changes needed). * Use dh-autoreconf. (Closes: #745078) * Use dh-buildinfo. * Add libyaml-doc package for Doxygen-generated API documentation and examples. (Closes: #696821) * Acknowledge NMUs.
2014-03-27 - Salvatore Bonaccorso <carnil@debian.org> libyaml (0.1.4-3.2) unstable; urgency=high * Non-maintainer upload by the Security Team. * Add CVE-2014-2525.patch patch. CVE-2014-2525: Fixes heap overflow in yaml_parser_scan_uri_escapes. The heap overflow is caused by not properly expanding a string before writing to it in function yaml_parser_scan_uri_escapes in scanner.c. (Closes: #742732)
2014-02-13 - Salvatore Bonaccorso <carnil@debian.org> libyaml (0.1.4-3.1) unstable; urgency=medium * Non-maintainer upload. * Drop libyaml-indent-column-overflow-v2.patch patch. This patch causes additional regressions on simple YAML files. * Add libyaml-guard-against-overflows-in-indent-and-flow_level.patch patch. Add upstream's patch to guard against overflows in indent and flow_level. (Closes: #738587)
2014-01-29 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.4-3) unstable; urgency=high * Fix CVE-2013-6393: heap-based buffer overflow when parsing YAML tags. (Closes: #737076)
2011-12-30 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.4-2) unstable; urgency=low * Remove extra libyaml-0.so symlink from libyaml-dev. * Bump Debhelper compat level to 9. * Support multiarch. (Closes: #653748) (LP: #905630) * Use 3.0 (quilt) source format.
2011-05-30 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.4-1) unstable; urgency=low * New upstream version 0.1.4. + Fixed a bug that prevented an empty mapping being used as a simple key. + Fixed pointer overflow when calculating the position of a potential simple key. + Added pkg-config support. (Closes: #537834) * Remove unneded libyaml.la file. (Closes: #622452) * Add libyaml-0-2-dbg package with debugging symbols. (Closes: #592747) * Bumped standards version to 3.9.2 without further change
2009-10-04 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.3-1) unstable; urgency=low * New upstream version 0.1.3. + This release fixes non-standard structure initialization and a streaming-related issue. * Bump priority from extra to optional.
2008-12-29 - Anders Kaseorg <andersk@mit.edu> libyaml (0.1.2-1) unstable; urgency=low * New upstream version 0.1.2. + Fixed grammar in error messages (from YAML::XS::LibYAML). + Rewritten whitespace detection in the scalar analyzer and block scalar writers (ported from PyYAML). + Fixed emitting folded scalars with trailing breaks; Forced emitting of a document end indicator when there is a possibility of ambiguous parsing.