ALSA-2025:9329

[ALSA-2025:9329] Important: perl-YAML-LibYAML security update

Type:

security

Severity:

important

Release date:

2025-06-30

Description:

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby.  

Security Fix(es):  

  * yaml-libyaml: LibYAML Perl File Modification Vulnerability (CVE-2025-40908)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	perl-YAML-LibYAML-0.70-2.el8_10.aarch64.rpm	38244d8d40f4adb75e44e808d9673adbb818e5e65482112f9b90120c8c4925a7
ppc64le	perl-YAML-LibYAML-0.70-2.el8_10.ppc64le.rpm	68a338f7d439472269c2e4ea089016a0c222a6cc0d4d8979339f456781afc4b4
s390x	perl-YAML-LibYAML-0.70-2.el8_10.s390x.rpm	873eb8ace12edac53d77749d1fa5456d2515cd4603ca67b87aa9faade17758db
x86_64	perl-YAML-LibYAML-0.70-2.el8_10.x86_64.rpm	fea9a7d972d68a06688ed8a44f8fc297790400a660c2a68956a15da32e39a7ab

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.