Debian Patches
Status for libyaml-syck-perl/1.36-2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| disable-compiler-check.patch | Disable compiler check. This is not needed in a Debian build environment, and more importantly, it breaks cross-builds. |
gregor herrmann <gregoa@debian.org> | not-needed | debian | vendor | 2020-02-04 |
| gcc15-fix.patch | Try to fix builds with GCC 15. I hereby put my changes under CC0 / MITL. |
Shlomi Fish <shlomif@shlomifish.org> | yes | debian upstream | https://github.com/cpan-authors/YAML-Syck/pull/64 | 2025-06-26 |
| fix-address-all-4-C-layer-audit-findings-from-issue-.patch | fix: address all 4 C-layer audit findings from issue #67 - HIGH: Fix heap buffer overflow in emitter tag buffer. The 512-byte fixed allocation overflowed via strcat(tag, ref) with long class names. Now tracks buffer size and grows dynamically with Renew() when needed. - MEDIUM: Fix base64 decoder reading past buffer end on trailing newlines. Added s < send guard to the inner whitespace-skip loop. - MEDIUM: Replace strtok(id, "/:") with savepv copy + strtok at all 6 call sites in the parser handler. strtok mutated n->type_id in place, corrupting shared node data. Each site now operates on a local copy that is freed after use. - LOW: Fix memory leak in syck_hdlr_add_anchor when a node already has an anchor. The incoming anchor string 'a' was leaked on early return. Closes #67 |
Toddr Bot <toddbot@rinaldo.us> | no | https://github.com/cpan-authors/YAML-Syck/commit/e8844a31c8cf0052914b198fc784ed4e6b8ae69e | 2026-03-14 |
All known versions for source package 'libyaml-syck-perl'
- 1.36-2 (forky, sid)
- 1.34-2+deb13u1 (trixie)
- 1.34-2+deb12u1 (bookworm)