CVE-2014-2525 was already fixed in 0.1.4-3ubuntu3: https://launchpad.net/ubuntu/trusty/+source/libyaml/0.1.4-3ubuntu3
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2525 ** Changed in: libyaml (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libyaml in Ubuntu. https://bugs.launchpad.net/bugs/1305949 Title: Please bump libyaml to 0.1.6 due to CVE-2014-2525 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libyaml/+bug/1305949/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
