diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..efe50cb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/yaml-0.1.4.tar.gz
diff --git a/.libyaml.metadata b/.libyaml.metadata
new file mode 100644
index 0000000..5d67042
--- /dev/null
+++ b/.libyaml.metadata
@@ -0,0 +1 @@
+e0e5e09192ab10a607e3da2970db492118f560f2 SOURCES/yaml-0.1.4.tar.gz
diff --git a/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch
new file mode 100644
index 0000000..777f148
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch
@@ -0,0 +1,86 @@
+# HG changeset patch
+# User Kirill Simonov <xi@resolvent.net>
+# Date 1391406104 21600
+# Sun Feb 02 23:41:44 2014 -0600
+# Node ID f859ed1eb757a3562b98a28a8ce69274bfd4b3f2
+# Parent da9bc6f12781a583076c7b60d057df5d7b50f96f
+Guard against overflows in indent and flow_level.
+
+diff -r da9bc6f12781 -r f859ed1eb757 src/scanner.c
+--- a/src/scanner.c Sun Feb 02 20:54:05 2014 -0600
++++ b/src/scanner.c Sun Feb 02 23:41:44 2014 -0600
+@@ -615,11 +615,11 @@
+ */
+
+ static int
+-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
+- int number, yaml_token_type_t type, yaml_mark_t mark);
++yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
++ ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark);
+
+ static int
+-yaml_parser_unroll_indent(yaml_parser_t *parser, int column);
++yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column);
+
+ /*
+ * Token fetchers.
+@@ -1103,7 +1103,7 @@
+ */
+
+ int required = (!parser->flow_level
+- && parser->indent == (int)parser->mark.column);
++ && parser->indent == (ptrdiff_t)parser->mark.column);
+
+ /*
+ * A simple key is required only when it is the first token in the current
+@@ -1176,6 +1176,9 @@
+
+ /* Increase the flow level. */
+
++ if (parser->flow_level == INT_MAX)
++ return 0;
++
+ parser->flow_level++;
+
+ return 1;
+@@ -1206,8 +1209,8 @@
+ */
+
+ static int
+-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
+- int number, yaml_token_type_t type, yaml_mark_t mark)
++yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
++ ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark)
+ {
+ yaml_token_t token;
+
+@@ -1226,6 +1229,9 @@
+ if (!PUSH(parser, parser->indents, parser->indent))
+ return 0;
+
++ if (column > INT_MAX)
++ return 0;
++
+ parser->indent = column;
+
+ /* Create a token and insert it into the queue. */
+@@ -1254,7 +1260,7 @@
+
+
+ static int
+-yaml_parser_unroll_indent(yaml_parser_t *parser, int column)
++yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column)
+ {
+ yaml_token_t token;
+
+diff -r da9bc6f12781 -r f859ed1eb757 src/yaml_private.h
+--- a/src/yaml_private.h Sun Feb 02 20:54:05 2014 -0600
++++ b/src/yaml_private.h Sun Feb 02 23:41:44 2014 -0600
+@@ -7,6 +7,7 @@
+
+ #include <assert.h>
+ #include <limits.h>
++#include <stddef.h>
+
+ /*
+ * Memory management.
diff --git a/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch
new file mode 100644
index 0000000..be6fc05
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch
@@ -0,0 +1,33 @@
+# HG changeset patch
+# User Kirill Simonov <xi@resolvent.net>
+# Date 1391408806 21600
+# Mon Feb 03 00:26:46 2014 -0600
+# Node ID 0df2fb962294f3a6df1450a3e08c6a0f74f9078c
+# Parent f859ed1eb757a3562b98a28a8ce69274bfd4b3f2
+Limit input size to SIZE_MAX/2.
+
+diff -r f859ed1eb757 -r 0df2fb962294 src/reader.c
+--- a/src/reader.c Sun Feb 02 23:41:44 2014 -0600
++++ b/src/reader.c Mon Feb 03 00:26:46 2014 -0600
+@@ -460,6 +460,10 @@
+
+ }
+
++ if (parser->offset >= PTRDIFF_MAX)
++ return yaml_parser_set_reader_error(parser, "input is too long",
++ PTRDIFF_MAX, -1);
++
+ return 1;
+ }
+
+diff -r f859ed1eb757 -r 0df2fb962294 src/yaml_private.h
+--- a/src/yaml_private.h Sun Feb 02 23:41:44 2014 -0600
++++ b/src/yaml_private.h Mon Feb 03 00:26:46 2014 -0600
+@@ -8,6 +8,7 @@
+ #include <assert.h>
+ #include <limits.h>
+ #include <stddef.h>
++#include <stdint.h>
+
+ /*
+ * Memory management.
diff --git a/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch
new file mode 100644
index 0000000..1d686f4
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch
@@ -0,0 +1,35 @@
+# HG changeset patch
+# User Kirill Simonov <xi@resolvent.net>
+# Date 1391409843 21600
+# Mon Feb 03 00:44:03 2014 -0600
+# Node ID af3599437a87162554787c52d8b16eab553f537b
+# Parent 0df2fb962294f3a6df1450a3e08c6a0f74f9078c
+Forgot to set the error state.
+
+diff -r 0df2fb962294 -r af3599437a87 src/scanner.c
+--- a/src/scanner.c Mon Feb 03 00:26:46 2014 -0600
++++ b/src/scanner.c Mon Feb 03 00:44:03 2014 -0600
+@@ -1176,8 +1176,10 @@
+
+ /* Increase the flow level. */
+
+- if (parser->flow_level == INT_MAX)
++ if (parser->flow_level == INT_MAX) {
++ parser->error = YAML_MEMORY_ERROR;
+ return 0;
++ }
+
+ parser->flow_level++;
+
+@@ -1229,8 +1231,10 @@
+ if (!PUSH(parser, parser->indents, parser->indent))
+ return 0;
+
+- if (column > INT_MAX)
++ if (column > INT_MAX) {
++ parser->error = YAML_MEMORY_ERROR;
+ return 0;
++ }
+
+ parser->indent = column;
+
diff --git a/SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch b/SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch
new file mode 100644
index 0000000..364264b
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch
@@ -0,0 +1,25 @@
+# HG changeset patch
+# User Florian Weimer <fweimer@redhat.com>
+# Date 1389274355 -3600
+# Thu Jan 09 14:32:35 2014 +0100
+# Node ID 034d7a91581ac930e5958683f1a06f41e96d24a2
+# Parent a54d7af707f25dc298a7be60fd152001d2b3035b
+yaml_stack_extend: guard against integer overflow
+
+diff --git a/src/api.c b/src/api.c
+--- a/src/api.c
++++ b/src/api.c
+@@ -117,7 +117,12 @@
+ YAML_DECLARE(int)
+ yaml_stack_extend(void **start, void **top, void **end)
+ {
+- void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
++ void *new_start;
++
++ if ((char *)*end - (char *)*start >= INT_MAX / 2)
++ return 0;
++
++ new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
+
+ if (!new_start) return 0;
+
diff --git a/SOURCES/libyaml-CVE-2013-6393-string-overflow.patch b/SOURCES/libyaml-CVE-2013-6393-string-overflow.patch
new file mode 100644
index 0000000..df63474
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-string-overflow.patch
@@ -0,0 +1,20 @@
+# HG changeset patch
+# User Florian Weimer <fweimer@redhat.com>
+# Date 1389273500 -3600
+# Thu Jan 09 14:18:20 2014 +0100
+# Node ID a54d7af707f25dc298a7be60fd152001d2b3035b
+# Parent 3e6507fa0c26d20c09f8f468f2bd04aa2fd1b5b5
+yaml_parser_scan_tag_uri: fix int overflow leading to buffer overflow
+
+diff --git a/src/scanner.c b/src/scanner.c
+--- a/src/scanner.c
++++ b/src/scanner.c
+@@ -2574,7 +2574,7 @@
+
+ /* Resize the string to include the head. */
+
+- while (string.end - string.start <= (int)length) {
++ while ((size_t)(string.end - string.start) <= length) {
+ if (!yaml_string_extend(&string.start, &string.pointer, &string.end)) {
+ parser->error = YAML_MEMORY_ERROR;
+ goto error;
diff --git a/SOURCES/libyaml-CVE-2014-2525-URL-buffer-overflow.patch b/SOURCES/libyaml-CVE-2014-2525-URL-buffer-overflow.patch
new file mode 100644
index 0000000..87e2167
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2014-2525-URL-buffer-overflow.patch
@@ -0,0 +1,44 @@
+diff -r d7cb9c2731c0 configure.ac
+--- a/configure.ac Mon Feb 03 23:42:24 2014 -0600
++++ b/configure.ac Fri Mar 14 17:52:43 2014 -0500
+@@ -19,7 +19,7 @@
+ # YAML_AGE = 0
+ m4_define([YAML_RELEASE], 0)
+ m4_define([YAML_CURRENT], 2)
+-m4_define([YAML_REVISION], 2)
++m4_define([YAML_REVISION], 4)
+ m4_define([YAML_AGE], 0)
+
+ # Initialize autoconf & automake.
+diff -r d7cb9c2731c0 src/scanner.c
+--- a/src/scanner.c Mon Feb 03 23:42:24 2014 -0600
++++ b/src/scanner.c Fri Mar 14 17:52:43 2014 -0500
+@@ -2629,6 +2629,9 @@
+ /* Check if it is a URI-escape sequence. */
+
+ if (CHECK(parser->buffer, '%')) {
++ if (!STRING_EXTEND(parser, string))
++ goto error;
++
+ if (!yaml_parser_scan_uri_escapes(parser,
+ directive, start_mark, &string)) goto error;
+ }
+diff -r d7cb9c2731c0 src/yaml_private.h
+--- a/src/yaml_private.h Mon Feb 03 23:42:24 2014 -0600
++++ b/src/yaml_private.h Fri Mar 14 17:52:43 2014 -0500
+@@ -143,9 +143,12 @@
+ (string).start = (string).pointer = (string).end = 0)
+
+ #define STRING_EXTEND(context,string) \
+- (((string).pointer+5 < (string).end) \
++ ((((string).pointer+5 < (string).end) \
+ || yaml_string_extend(&(string).start, \
+- &(string).pointer, &(string).end))
++ &(string).pointer, &(string).end)) ? \
++ 1 : \
++ ((context)->error = YAML_MEMORY_ERROR, \
++ 0))
+
+ #define CLEAR(context,string) \
+ ((string).pointer = (string).start, \
+diff -r d7cb9c2731c0 win32/config.h
diff --git a/SOURCES/libyaml-CVE-2014-9130.patch b/SOURCES/libyaml-CVE-2014-9130.patch
new file mode 100644
index 0000000..00e15f3
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2014-9130.patch
@@ -0,0 +1,28 @@
+From e6aa721cc0e5a48f408c52355559fd36780ba32a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ingy=20d=C3=B6t=20Net?= <ingy@ingy.net>
+Date: Fri, 28 Nov 2014 09:21:49 -0800
+Subject: [PATCH] Fix for https://bitbucket.org/xi/libyaml/issue/10/
+
+https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
+
+Commenting out the assert makes the scanner do the right thing and
+results in just a simple parse failure.
+---
+ src/scanner.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/scanner.c b/src/scanner.c
+index 88d4fa5..c5f3d2f 100644
+--- a/src/scanner.c
++++ b/src/scanner.c
+@@ -1110,7 +1110,9 @@ yaml_parser_save_simple_key(yaml_parser_t *parser)
+ * line. Therefore it is always allowed. But we add a check anyway.
+ */
+
+- assert(parser->simple_key_allowed || !required); /* Impossible. */
++ /* XXX This caused:
++ * https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
++ assert(parser->simple_key_allowed || !required); */ /* Impossible. */
+
+ /*
+ * If the current position may start a simple key, save it.
diff --git a/SPECS/libyaml.spec b/SPECS/libyaml.spec
new file mode 100644
index 0000000..35a34ed
--- /dev/null
+++ b/SPECS/libyaml.spec
@@ -0,0 +1,155 @@
+%define tarballname yaml
+
+#====================================================================#
+
+Name: libyaml
+Version: 0.1.4
+Release: 11%{?dist}
+Summary: YAML 1.1 parser and emitter written in C
+
+Group: System Environment/Libraries
+License: MIT
+URL: http://pyyaml.org/
+Source0: http://pyyaml.org/download/libyaml/%{tarballname}-%{version}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires: autoconf, automake, libtool
+
+# CVE-2013-6393
+# https://bugzilla.redhat.com/show_bug.cgi?id=1033990
+Patch0: libyaml-CVE-2013-6393-string-overflow.patch
+Patch1: libyaml-CVE-2013-6393-node-id-hardening.patch
+Patch2: libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch
+Patch3: libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch
+Patch4: libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch
+Patch5: libyaml-CVE-2014-2525-URL-buffer-overflow.patch
+Patch6: libyaml-CVE-2014-9130.patch
+
+%description
+YAML is a data serialization format designed for human readability and
+interaction with scripting languages. LibYAML is a YAML parser and
+emitter written in C.
+
+
+%package devel
+Summary: Development files for LibYAML applications
+Group: Development/Libraries
+Requires: libyaml = %{version}-%{release}, pkgconfig
+
+
+%description devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use LibYAML.
+
+
+%prep
+%setup -q -n %{tarballname}-%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+
+%build
+autoreconf -i -f
+%configure
+make %{?_smp_mflags}
+
+
+%install
+rm -rf %{buildroot}
+make DESTDIR=%{buildroot} INSTALL="install -p" install
+rm -f %{buildroot}%{_libdir}/*.{la,a}
+
+soname=$(readelf -d %{buildroot}%{_libdir}/libyaml.so | awk '$2 == "(SONAME)" {print $NF}' | tr -d '[]')
+rm -f %{buildroot}%{_libdir}/libyaml.so
+echo "INPUT($soname)" > %{buildroot}%{_libdir}/libyaml.so
+
+
+%check
+make check
+
+
+%clean
+rm -rf %{buildroot}
+
+
+%post -p /sbin/ldconfig
+
+
+%postun -p /sbin/ldconfig
+
+
+%files
+%defattr(-,root,root,-)
+%doc LICENSE README
+%{_libdir}/%{name}*.so.*
+
+
+%files devel
+%defattr(-,root,root,-)
+%doc doc/html
+%{_libdir}/%{name}*.so
+%{_libdir}/pkgconfig/yaml-0.1.pc
+%{_includedir}/yaml.h
+
+
+%changelog
+* Mon Dec 15 2014 John Eckersberg <eck@redhat.com> - 0.1.4-11
+- Add patch for CVE-2014-9130 (RHBZ#1169369)
+
+* Mon Mar 31 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-10
+- Work around ldconfig bug with libyaml.so (bz1082822)
+
+* Mon Mar 24 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-9
+- Add patch for CVE-2014-2525 (bz1078083)
+
+* Tue Feb 11 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-8
+- Add updated indent/flow patches for CVE-2013-6393
+
+* Wed Jan 29 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-7
+- Add patches for CVE-2013-6393 (bz1033990)
+
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.1.4-6
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.1.4-5
+- Mass rebuild 2013-12-27
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Thu Jun 23 2011 John Eckersberg <jeckersb@redhat.com> - 0.1.4-1
+- New upstream release 0.1.4
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Fri Oct 02 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.3-1
+- New upstream release 0.1.3
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Jul 22 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-4
+- Minor tweaks to spec file
+- Enable %%check section
+- Thanks Gareth Armstrong <gareth.armstrong@hp.com>
+
+* Tue Mar 3 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-3
+- Remove static libraries
+
+* Thu Feb 26 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-2
+- Remove README and LICENSE from docs on -devel package
+- Remove -static package and merge contents into the -devel package
+
+* Wed Feb 25 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-1
+- Initial packaging for Fedora