From ${URL} : An assertion failure was found in the way the PyYAML library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using PyYAML could cause the application to crash. This is the same flaw as CVE-2014-9130 but in the Python implementation of the YAML library. MITRE recommends it should be a separate issue: http://seclists.org/oss-sec/2014/q4/854 Upstream patch: https://bitbucket.org/xi/pyyaml/commits/ddf211a41bb231c365fece5599b7e484e6dc33fc @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
3.12 has the fix, lets stablize that Arches, please stabilize =dev-python/pyyaml-3.12 under the ALLARCHES policy.
amd64 stable
Stable for HPPA PPC64.
arm stable
Stable for arm64/ia64/m68k/ppc/s390/sh/sparc/x86 (ALLARCHES policy).
alpha stable. Maintainer(s), please cleanup. Security, please vote.
Cleanup done.
GLSA Vote: No