perlPackages.YAMLSyck: 1.34 -> 1.36

Fixes CVE-2025-11683. ``` 1.36 Oct 10 2025 - Address memory corruption leading to 'str' value being set on empty keys Thanks @timlegge 1.35 Oct 9 2025 - Address parsing error related to string detection on read for empty strings. ``` Fixes #475110 (cherry picked from commit 68535984e661cd041de91066b3118768fbb4d69f)
author: Thomas Gerbet <thomas@gerbet.me> 2025-12-29 19:38:34 +0100
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2025-12-29 22:29:53 +0000
commit: 25d4a74c93028f53e540e413f753984a7f555301 (patch)
tree: df450b648ffccfde4b474b2408d8d4971b3ec6e8
parent: 1345d7a06f44a4d732527e2e1531adb6c67303fb (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix
index 47ea221973a6..c5ad2ad104f5 100644
--- a/pkgs/top-level/perl-packages.nix
+++ b/pkgs/top-level/perl-packages.nix
@@ -39045,10 +39045,10 @@ with self;
 
   YAMLSyck = buildPerlPackage {
     pname = "YAML-Syck";
-    version = "1.34";
+    version = "1.36";
     src = fetchurl {
-      url = "mirror://cpan/authors/id/T/TO/TODDR/YAML-Syck-1.34.tar.gz";
-      hash = "sha256-zJFWzK69p5jr/i8xthnoBld/hg7RcEJi8X/608bjQVk=";
+      url = "mirror://cpan/authors/id/T/TO/TODDR/YAML-Syck-1.36.tar.gz";
+      hash = "sha256-Tc2dmzsM48ZaL/K5tMb/+LZJ/fJDv9fhiJVDvs25GlI=";
     };
     meta = {
       description = "Fast, lightweight YAML loader and dumper";
author	Thomas Gerbet <thomas@gerbet.me>	2025-12-29 19:38:34 +0100
committer	github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-12-29 22:29:53 +0000
commit	25d4a74c93028f53e540e413f753984a7f555301 (patch)
tree	df450b648ffccfde4b474b2408d8d4971b3ec6e8
parent	1345d7a06f44a4d732527e2e1531adb6c67303fb (diff)