CVE-2022-38749 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024):
https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

CVE-2022-38750 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027):
https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

CVE-2022-38751 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039):
https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

CVE-2022-38752 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081):
https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.

First two are fixed in 1.31, second two are unfixed.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27e3c02d10c1eae2bf8489ed83252520868d3c9d

commit 27e3c02d10c1eae2bf8489ed83252520868d3c9d
Author: Volkmar W. Pogatzki <gentoo@pogatzki.net>
AuthorDate: 2022-09-05 18:08:26 +0000
Commit: Florian Schmaus <flow@gentoo.org>
CommitDate: 2022-09-06 08:20:19 +0000

    dev-java/snakeyaml: add 1.31

    Bug: https://bugs.gentoo.org/868621
    Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net>
    Closes: https://github.com/gentoo/gentoo/pull/26872
    Signed-off-by: Florian Schmaus <flow@gentoo.org>

 dev-java/snakeyaml/Manifest | 1 +
 dev-java/snakeyaml/snakeyaml-1.31.ebuild | 86 ++++++++++++++++++++++++++++++++
 2 files changed, 87 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebf583e5509c4abe3b6af74710eddf02c54376d8

commit ebf583e5509c4abe3b6af74710eddf02c54376d8
Author: Volkmar W. Pogatzki <gentoo@pogatzki.net>
AuthorDate: 2022-09-19 08:36:30 +0000
Commit: Florian Schmaus <flow@gentoo.org>
CommitDate: 2022-10-03 07:53:40 +0000

    dev-java/snakeyaml: add 1.33 CVE-2022-3875{1,2}

    Bug: https://bugs.gentoo.org/868621
    Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net>
    Signed-off-by: Florian Schmaus <flow@gentoo.org>

 dev-java/snakeyaml/Manifest | 1 +
 dev-java/snakeyaml/snakeyaml-1.33.ebuild | 74 ++++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=010dc6c07ddc9a929644b88c8247d78ffea52452

commit 010dc6c07ddc9a929644b88c8247d78ffea52452
Author: Volkmar W. Pogatzki <gentoo@pogatzki.net>
AuthorDate: 2022-10-12 19:43:51 +0000
Commit: Arthur Zamarin <arthurzam@gentoo.org>
CommitDate: 2022-10-12 20:02:05 +0000

    dev-java/snakeyaml: drop 1.30-r1

    Bug: https://bugs.gentoo.org/868621
    Signed-off-by: Volkmar W. Pogatzki <gentoo@pogatzki.net>
    Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>

 dev-java/snakeyaml/Manifest | 1 -
 .../files/snakeyaml-1.30-fix-test-check.patch | 18 -----
 dev-java/snakeyaml/snakeyaml-1.30-r1.ebuild | 91 ----------------------
 3 files changed, 110 deletions(-)
(In reply to John Helmert III from comment #0)
> CVE-2022-38749 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47024):
> https://bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open
>
> Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of
> Service attacks (DOS). If the parser is running on user supplied input, an
> attacker may supply content that causes the parser to crash by stackoverflow.
>
> CVE-2022-38750 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47027):
> https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027
>
> Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of
> Service attacks (DOS). If the parser is running on user supplied input, an
> attacker may supply content that causes the parser to crash by stackoverflow.
>
> CVE-2022-38751 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039):
> https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039
>
> Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of
> Service attacks (DOS). If the parser is running on user supplied input, an
> attacker may supply content that causes the parser to crash by stackoverflow.
>
> CVE-2022-38752 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081):
> https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081
>
> Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of
> Service attacks (DOS). If the parser is running on user supplied input, an
> attacker may supply content that causes the parser to crash by
> stack-overflow.
>
> First two are fixed in 1.31, second two are unfixed.

According to:
https://bitbucket.org/snakeyaml/snakeyaml/issues/530/stackoverflow-oss-fuzz-47039
https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081

Fixes should be in 1.33
GLSA request filed
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=980b750f6ebc25adc36501cfe47c72ab672b5e9b

commit 980b750f6ebc25adc36501cfe47c72ab672b5e9b
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-05-21 19:44:41 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2023-05-21 19:51:37 +0000

    [ GLSA 202305-28 ] snakeyaml: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/776796
    Bug: https://bugs.gentoo.org/868621
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202305-28.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
GLSA released, all done!