SUSE-SU-2022:3397-1

This update for snakeyaml fixes the following issues:

CVE-2022-38750: Fixed uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (bsc#1203158).
CVE-2022-38749: Fixed StackOverflowError for many open unmatched brackets (bsc#1203149).
CVE-2022-38752: Fixed uncaught exception in java.base/java.util.ArrayList.hashCode (bsc#1203154).
CVE-2022-38751: Fixed unrestricted data matched with Regular Expressions (bsc#1203153).
CVE-2022-25857: Fixed denial of service vulnerability due missing to nested depth limitation for collections (bsc#1202932).

SUSE:Linux Enterprise Module for Development Tools 15 SP3snakeyaml

Fixed in:

1.31-150200.3.8.1

SUSE:Linux Enterprise Module for Development Tools 15 SP4snakeyaml

Fixed in:

1.31-150200.3.8.1

SUSE:Manager Server Module 4.2snakeyaml

Fixed in:

1.31-150200.3.8.1

SUSE:Manager Server Module 4.3snakeyaml

Fixed in:

1.31-150200.3.8.1

openSUSE:Leap 15.3snakeyaml

Fixed in:

1.31-150200.3.8.1

openSUSE:Leap 15.3snakeyaml-javadoc

Fixed in:

1.31-150200.3.8.1

openSUSE:Leap 15.4snakeyaml

Fixed in:

1.31-150200.3.8.1

openSUSE:Leap 15.4snakeyaml-javadoc

Fixed in:

1.31-150200.3.8.1