Original report from Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738587 === The patch libyaml-indent-column-overflow-v2.patch applied for the update to address CVE-2013-6393 introduces a regression which can be seen when parsing a small YAML sample file with the tests/run-parser.c utility: ----cut---------cut---------cut---------cut---------cut---------cut----- %YAML 1.1 --- # Indented Block name: John Smith age: 33 --- # Inline Block {name: John Smith, age: 33} ----cut---------cut---------cut---------cut---------cut---------cut----- Compiling run-parser.c in the source and run against this YAML file leads with the patch applied to: # ./run-parser ./regression.yaml [1] Parsing './regression.yaml': FAILURE (9 events) Upstream indeed has addressed this part slightly different, with [1] and [2]. [1] https://bitbucket.org/xi/libyaml/commits/f859ed1eb757a3562b98a28a8ce69274bfd4b3f2 [2] https://bitbucket.org/xi/libyaml/commits/af3599437a87162554787c52d8b16eab553f537b ===
libyaml-0.1.5-1.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/libyaml-0.1.5-1.el6
libyaml-0.1.2-6.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/libyaml-0.1.2-6.el5
Package libyaml-0.1.5-1.el6: * should fix your issue, * was pushed to the Fedora EPEL 6 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing libyaml-0.1.5-1.el6' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2014-0525/libyaml-0.1.5-1.el6 then log in and leave karma (feedback).
libyaml-0.1.2-6.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
libyaml-0.1.5-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.