request #47546 yaml: 1.10.2 -> 1.10.3, 2.8.2 -> 2.8.3

Infos

Artifact ID#47546

Submitted byThomas Gerbet (tgerbet)

Last Modified On2026-03-26 16:10

Submitted on2026-03-26 13:06

Rank49269

Details

Summary *

yaml: 1.10.2 -> 1.10.3, 2.8.2 -> 2.8.3

Original Submission

Fixes CVE-2026-33532. No impact for Tuleap, YAML files are only (potentially) read during dev workflows where a DoS is not meaningful.

https://github.com/eemeli/yaml/releases/tag/v2.8.3
https://github.com/eemeli/yaml/compare/v1.10.2...v1.10.3

CategoryDev tools

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toThomas Gerbet (tgerbet)

StatusClosed

Close date2026-03-26

Attachments

AttachmentsEmpty

References

Cross references

Show items referenced by request #47546

Referenced by request #47546

Artifact

rel #47138 17.6

Other

gerrit #37220

Follow-ups

Clarck Robinson (robinsoc)

2026-03-26 16:10

Connected artifacts
- Added Fixed in: rel #47138

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-03-26 16:08

Closed by @tgerbet with git #tuleap/stable/414aa4cca12a9773fcc75564f3fc562da4d32669.

Status changed from Under review to Closed
Close date set to 2026-03-26

Thomas Gerbet (tgerbet)

2026-03-26 13:16

See gerrit #37220.

Status changed from Under implementation to Under review

Public

Referenced by request #47546

Artifact

Other

Follow-ups