[ALSA-2026:6470] Important: perl-YAML-Syck security update
Type:
security
Severity:
important
Release date:
2026-04-03
Description:
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around. Security Fix(es): * perl-YAML-Syck: YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter (CVE-2026-4177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 perl-YAML-Syck-1.30-6.el8_10.aarch64.rpm 494e6440241fe5dab9dbf1f5d100c68e33e6481810bd1e814c9843fbac2977d1
ppc64le perl-YAML-Syck-1.30-6.el8_10.ppc64le.rpm 9d1e79b873a0999dcb762d0a0f0e9e3239460957f7d1ea11428ba8b031c30bfe
s390x perl-YAML-Syck-1.30-6.el8_10.s390x.rpm 22a6d709546c127dfe4733f4dd57f728fa350b0b2e3863341c212181a223697b
x86_64 perl-YAML-Syck-1.30-6.el8_10.x86_64.rpm 9fa20e51ea0f46d738aa20c781023321012847d5683427ee67ad7493c1ac5143
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.