Information on source package libyang

Available versions

ReleaseVersion
buster0.16.105-1+deb10u1
buster (security)1.0.225-1.1~deb10u1
bullseye1.0.225-1.1

Open issues

BugbusterbullseyeDescription
CVE-2021-28906vulnerable (no DSA)vulnerable (no DSA)In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check w ...
CVE-2021-28905vulnerable (no DSA)vulnerable (no DSA)In function lys_node_free() in libyang <= v1.0.225, it asserts that th ...
CVE-2021-28904vulnerable (no DSA)vulnerable (no DSA)In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check ...
CVE-2021-28903vulnerable (no DSA)vulnerable (no DSA)A stack overflow in libyang <= v1.0.225 can cause a denial of service ...
CVE-2021-28902vulnerable (no DSA)vulnerable (no DSA)In function read_yin_container() in libyang <= v1.0.225, it doesn't ch ...

Resolved issues

BugDescription
CVE-2019-20398A NULL pointer dereference is present in libyang before v1.0-r3 in the ...
CVE-2019-20397A double-free is present in libyang before v1.0-r1 in the function yyp ...
CVE-2019-20396A segmentation fault is present in yyparse in libyang before v1.0-r1 d ...
CVE-2019-20395A stack consumption issue is present in libyang before v1.0-r1 due to ...
CVE-2019-20394A double-free is present in libyang before v1.0-r3 in the function yyp ...
CVE-2019-20393A double-free is present in libyang before v1.0-r1 in the function yyp ...
CVE-2019-20392An invalid memory access flaw is present in libyang before v1.0-r1 in ...
CVE-2019-20391An invalid memory access flaw is present in libyang before v1.0-r3 in ...
CVE-2019-19334In all versions of libyang before 1.0-r5, a stack-based buffer overflo ...
CVE-2019-19333In all versions of libyang before 1.0-r5, a stack-based buffer overflo ...

Security announcements

DSA / DLADescription
DLA-3572-1libyang - security update
Search for package or bug name: Reporting problems