diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..efe50cb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/yaml-0.1.4.tar.gz
diff --git a/.libyaml.metadata b/.libyaml.metadata
new file mode 100644
index 0000000..5d67042
--- /dev/null
+++ b/.libyaml.metadata
@@ -0,0 +1 @@
+e0e5e09192ab10a607e3da2970db492118f560f2 SOURCES/yaml-0.1.4.tar.gz
diff --git a/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch
new file mode 100644
index 0000000..777f148
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch
@@ -0,0 +1,86 @@
+# HG changeset patch
+# User Kirill Simonov <xi@resolvent.net>
+# Date 1391406104 21600
+#      Sun Feb 02 23:41:44 2014 -0600
+# Node ID f859ed1eb757a3562b98a28a8ce69274bfd4b3f2
+# Parent  da9bc6f12781a583076c7b60d057df5d7b50f96f
+Guard against overflows in indent and flow_level.
+
+diff -r da9bc6f12781 -r f859ed1eb757 src/scanner.c
+--- a/src/scanner.c	Sun Feb 02 20:54:05 2014 -0600
++++ b/src/scanner.c	Sun Feb 02 23:41:44 2014 -0600
+@@ -615,11 +615,11 @@
+  */
+ 
+ static int
+-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
+-        int number, yaml_token_type_t type, yaml_mark_t mark);
++yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
++        ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark);
+ 
+ static int
+-yaml_parser_unroll_indent(yaml_parser_t *parser, int column);
++yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column);
+ 
+ /*
+  * Token fetchers.
+@@ -1103,7 +1103,7 @@
+      */
+ 
+     int required = (!parser->flow_level
+-            && parser->indent == (int)parser->mark.column);
++            && parser->indent == (ptrdiff_t)parser->mark.column);
+ 
+     /*
+      * A simple key is required only when it is the first token in the current
+@@ -1176,6 +1176,9 @@
+ 
+     /* Increase the flow level. */
+ 
++    if (parser->flow_level == INT_MAX)
++        return 0;
++
+     parser->flow_level++;
+ 
+     return 1;
+@@ -1206,8 +1209,8 @@
+  */
+ 
+ static int
+-yaml_parser_roll_indent(yaml_parser_t *parser, int column,
+-        int number, yaml_token_type_t type, yaml_mark_t mark)
++yaml_parser_roll_indent(yaml_parser_t *parser, ptrdiff_t column,
++        ptrdiff_t number, yaml_token_type_t type, yaml_mark_t mark)
+ {
+     yaml_token_t token;
+ 
+@@ -1226,6 +1229,9 @@
+         if (!PUSH(parser, parser->indents, parser->indent))
+             return 0;
+ 
++        if (column > INT_MAX)
++            return 0;
++
+         parser->indent = column;
+ 
+         /* Create a token and insert it into the queue. */
+@@ -1254,7 +1260,7 @@
+ 
+ 
+ static int
+-yaml_parser_unroll_indent(yaml_parser_t *parser, int column)
++yaml_parser_unroll_indent(yaml_parser_t *parser, ptrdiff_t column)
+ {
+     yaml_token_t token;
+ 
+diff -r da9bc6f12781 -r f859ed1eb757 src/yaml_private.h
+--- a/src/yaml_private.h	Sun Feb 02 20:54:05 2014 -0600
++++ b/src/yaml_private.h	Sun Feb 02 23:41:44 2014 -0600
+@@ -7,6 +7,7 @@
+ 
+ #include <assert.h>
+ #include <limits.h>
++#include <stddef.h>
+ 
+ /*
+  * Memory management.
diff --git a/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch
new file mode 100644
index 0000000..be6fc05
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch
@@ -0,0 +1,33 @@
+# HG changeset patch
+# User Kirill Simonov <xi@resolvent.net>
+# Date 1391408806 21600
+#      Mon Feb 03 00:26:46 2014 -0600
+# Node ID 0df2fb962294f3a6df1450a3e08c6a0f74f9078c
+# Parent  f859ed1eb757a3562b98a28a8ce69274bfd4b3f2
+Limit input size to SIZE_MAX/2.
+
+diff -r f859ed1eb757 -r 0df2fb962294 src/reader.c
+--- a/src/reader.c	Sun Feb 02 23:41:44 2014 -0600
++++ b/src/reader.c	Mon Feb 03 00:26:46 2014 -0600
+@@ -460,6 +460,10 @@
+ 
+     }
+ 
++    if (parser->offset >= PTRDIFF_MAX)
++        return yaml_parser_set_reader_error(parser, "input is too long",
++                PTRDIFF_MAX, -1);
++
+     return 1;
+ }
+ 
+diff -r f859ed1eb757 -r 0df2fb962294 src/yaml_private.h
+--- a/src/yaml_private.h	Sun Feb 02 23:41:44 2014 -0600
++++ b/src/yaml_private.h	Mon Feb 03 00:26:46 2014 -0600
+@@ -8,6 +8,7 @@
+ #include <assert.h>
+ #include <limits.h>
+ #include <stddef.h>
++#include <stdint.h>
+ 
+ /*
+  * Memory management.
diff --git a/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch
new file mode 100644
index 0000000..1d686f4
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch
@@ -0,0 +1,35 @@
+# HG changeset patch
+# User Kirill Simonov <xi@resolvent.net>
+# Date 1391409843 21600
+#      Mon Feb 03 00:44:03 2014 -0600
+# Node ID af3599437a87162554787c52d8b16eab553f537b
+# Parent  0df2fb962294f3a6df1450a3e08c6a0f74f9078c
+Forgot to set the error state.
+
+diff -r 0df2fb962294 -r af3599437a87 src/scanner.c
+--- a/src/scanner.c	Mon Feb 03 00:26:46 2014 -0600
++++ b/src/scanner.c	Mon Feb 03 00:44:03 2014 -0600
+@@ -1176,8 +1176,10 @@
+ 
+     /* Increase the flow level. */
+ 
+-    if (parser->flow_level == INT_MAX)
++    if (parser->flow_level == INT_MAX) {
++        parser->error = YAML_MEMORY_ERROR;
+         return 0;
++    }
+ 
+     parser->flow_level++;
+ 
+@@ -1229,8 +1231,10 @@
+         if (!PUSH(parser, parser->indents, parser->indent))
+             return 0;
+ 
+-        if (column > INT_MAX)
++        if (column > INT_MAX) {
++            parser->error = YAML_MEMORY_ERROR;
+             return 0;
++        }
+ 
+         parser->indent = column;
+ 
diff --git a/SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch b/SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch
new file mode 100644
index 0000000..364264b
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch
@@ -0,0 +1,25 @@
+# HG changeset patch
+# User Florian Weimer <fweimer@redhat.com>
+# Date 1389274355 -3600
+#      Thu Jan 09 14:32:35 2014 +0100
+# Node ID 034d7a91581ac930e5958683f1a06f41e96d24a2
+# Parent  a54d7af707f25dc298a7be60fd152001d2b3035b
+yaml_stack_extend: guard against integer overflow
+
+diff --git a/src/api.c b/src/api.c
+--- a/src/api.c
++++ b/src/api.c
+@@ -117,7 +117,12 @@
+ YAML_DECLARE(int)
+ yaml_stack_extend(void **start, void **top, void **end)
+ {
+-    void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
++    void *new_start;
++
++    if ((char *)*end - (char *)*start >= INT_MAX / 2)
++	return 0;
++
++    new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
+ 
+     if (!new_start) return 0;
+ 
diff --git a/SOURCES/libyaml-CVE-2013-6393-string-overflow.patch b/SOURCES/libyaml-CVE-2013-6393-string-overflow.patch
new file mode 100644
index 0000000..df63474
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2013-6393-string-overflow.patch
@@ -0,0 +1,20 @@
+# HG changeset patch
+# User Florian Weimer <fweimer@redhat.com>
+# Date 1389273500 -3600
+#      Thu Jan 09 14:18:20 2014 +0100
+# Node ID a54d7af707f25dc298a7be60fd152001d2b3035b
+# Parent  3e6507fa0c26d20c09f8f468f2bd04aa2fd1b5b5
+yaml_parser_scan_tag_uri: fix int overflow leading to buffer overflow
+
+diff --git a/src/scanner.c b/src/scanner.c
+--- a/src/scanner.c
++++ b/src/scanner.c
+@@ -2574,7 +2574,7 @@
+ 
+     /* Resize the string to include the head. */
+ 
+-    while (string.end - string.start <= (int)length) {
++    while ((size_t)(string.end - string.start) <= length) {
+         if (!yaml_string_extend(&string.start, &string.pointer, &string.end)) {
+             parser->error = YAML_MEMORY_ERROR;
+             goto error;
diff --git a/SOURCES/libyaml-CVE-2014-2525-URL-buffer-overflow.patch b/SOURCES/libyaml-CVE-2014-2525-URL-buffer-overflow.patch
new file mode 100644
index 0000000..87e2167
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2014-2525-URL-buffer-overflow.patch
@@ -0,0 +1,44 @@
+diff -r d7cb9c2731c0 configure.ac
+--- a/configure.ac	Mon Feb 03 23:42:24 2014 -0600
++++ b/configure.ac	Fri Mar 14 17:52:43 2014 -0500
+@@ -19,7 +19,7 @@
+ #           YAML_AGE = 0
+ m4_define([YAML_RELEASE], 0)
+ m4_define([YAML_CURRENT], 2)
+-m4_define([YAML_REVISION], 2)
++m4_define([YAML_REVISION], 4)
+ m4_define([YAML_AGE], 0)
+ 
+ # Initialize autoconf & automake.
+diff -r d7cb9c2731c0 src/scanner.c
+--- a/src/scanner.c	Mon Feb 03 23:42:24 2014 -0600
++++ b/src/scanner.c	Fri Mar 14 17:52:43 2014 -0500
+@@ -2629,6 +2629,9 @@
+         /* Check if it is a URI-escape sequence. */
+ 
+         if (CHECK(parser->buffer, '%')) {
++            if (!STRING_EXTEND(parser, string))
++                goto error;
++
+             if (!yaml_parser_scan_uri_escapes(parser,
+                         directive, start_mark, &string)) goto error;
+         }
+diff -r d7cb9c2731c0 src/yaml_private.h
+--- a/src/yaml_private.h	Mon Feb 03 23:42:24 2014 -0600
++++ b/src/yaml_private.h	Fri Mar 14 17:52:43 2014 -0500
+@@ -143,9 +143,12 @@
+      (string).start = (string).pointer = (string).end = 0)
+ 
+ #define STRING_EXTEND(context,string)                                           \
+-    (((string).pointer+5 < (string).end)                                        \
++    ((((string).pointer+5 < (string).end)                                       \
+         || yaml_string_extend(&(string).start,                                  \
+-            &(string).pointer, &(string).end))
++            &(string).pointer, &(string).end)) ?                                \
++         1 :                                                                    \
++        ((context)->error = YAML_MEMORY_ERROR,                                  \
++         0))
+ 
+ #define CLEAR(context,string)                                                   \
+     ((string).pointer = (string).start,                                         \
+diff -r d7cb9c2731c0 win32/config.h
diff --git a/SOURCES/libyaml-CVE-2014-9130.patch b/SOURCES/libyaml-CVE-2014-9130.patch
new file mode 100644
index 0000000..00e15f3
--- /dev/null
+++ b/SOURCES/libyaml-CVE-2014-9130.patch
@@ -0,0 +1,28 @@
+From e6aa721cc0e5a48f408c52355559fd36780ba32a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ingy=20d=C3=B6t=20Net?= <ingy@ingy.net>
+Date: Fri, 28 Nov 2014 09:21:49 -0800
+Subject: [PATCH] Fix for https://bitbucket.org/xi/libyaml/issue/10/
+
+https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
+
+Commenting out the assert makes the scanner do the right thing and
+results in just a simple parse failure.
+---
+ src/scanner.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/scanner.c b/src/scanner.c
+index 88d4fa5..c5f3d2f 100644
+--- a/src/scanner.c
++++ b/src/scanner.c
+@@ -1110,7 +1110,9 @@ yaml_parser_save_simple_key(yaml_parser_t *parser)
+      * line.  Therefore it is always allowed.  But we add a check anyway.
+      */
+ 
+-    assert(parser->simple_key_allowed || !required);    /* Impossible. */
++    /* XXX This caused:
++     * https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
++    assert(parser->simple_key_allowed || !required); */    /* Impossible. */
+ 
+     /*
+      * If the current position may start a simple key, save it.
diff --git a/SPECS/libyaml.spec b/SPECS/libyaml.spec
new file mode 100644
index 0000000..35a34ed
--- /dev/null
+++ b/SPECS/libyaml.spec
@@ -0,0 +1,155 @@
+%define tarballname yaml
+
+#====================================================================#
+
+Name:       libyaml
+Version:    0.1.4
+Release:    11%{?dist}
+Summary:    YAML 1.1 parser and emitter written in C
+
+Group:      System Environment/Libraries
+License:    MIT
+URL:        http://pyyaml.org/
+Source0:    http://pyyaml.org/download/libyaml/%{tarballname}-%{version}.tar.gz
+BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires: autoconf, automake, libtool
+
+# CVE-2013-6393
+# https://bugzilla.redhat.com/show_bug.cgi?id=1033990
+Patch0:     libyaml-CVE-2013-6393-string-overflow.patch
+Patch1:     libyaml-CVE-2013-6393-node-id-hardening.patch
+Patch2:     libyaml-CVE-2013-6393-indent-and-flow-overflow-1-of-3.patch
+Patch3:     libyaml-CVE-2013-6393-indent-and-flow-overflow-2-of-3.patch
+Patch4:     libyaml-CVE-2013-6393-indent-and-flow-overflow-3-of-3.patch
+Patch5:     libyaml-CVE-2014-2525-URL-buffer-overflow.patch
+Patch6:     libyaml-CVE-2014-9130.patch
+
+%description
+YAML is a data serialization format designed for human readability and
+interaction with scripting languages.  LibYAML is a YAML parser and
+emitter written in C.
+
+
+%package devel
+Summary:   Development files for LibYAML applications
+Group:     Development/Libraries
+Requires:  libyaml = %{version}-%{release}, pkgconfig
+
+
+%description devel
+The %{name}-devel package contains libraries and header files for
+developing applications that use LibYAML.
+
+
+%prep
+%setup -q -n %{tarballname}-%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+
+%build
+autoreconf -i -f
+%configure
+make %{?_smp_mflags}
+
+
+%install
+rm -rf %{buildroot}
+make DESTDIR=%{buildroot} INSTALL="install -p" install
+rm -f %{buildroot}%{_libdir}/*.{la,a}
+
+soname=$(readelf -d %{buildroot}%{_libdir}/libyaml.so | awk '$2 == "(SONAME)" {print $NF}' | tr -d '[]')
+rm -f %{buildroot}%{_libdir}/libyaml.so
+echo "INPUT($soname)" > %{buildroot}%{_libdir}/libyaml.so
+
+
+%check
+make check
+
+
+%clean
+rm -rf %{buildroot}
+
+
+%post -p /sbin/ldconfig
+
+
+%postun -p /sbin/ldconfig
+
+
+%files
+%defattr(-,root,root,-)
+%doc LICENSE README
+%{_libdir}/%{name}*.so.*
+
+
+%files devel
+%defattr(-,root,root,-)
+%doc doc/html
+%{_libdir}/%{name}*.so
+%{_libdir}/pkgconfig/yaml-0.1.pc
+%{_includedir}/yaml.h
+
+
+%changelog
+* Mon Dec 15 2014 John Eckersberg <eck@redhat.com> - 0.1.4-11
+- Add patch for CVE-2014-9130 (RHBZ#1169369)
+
+* Mon Mar 31 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-10
+- Work around ldconfig bug with libyaml.so (bz1082822)
+
+* Mon Mar 24 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-9
+- Add patch for CVE-2014-2525 (bz1078083)
+
+* Tue Feb 11 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-8
+- Add updated indent/flow patches for CVE-2013-6393
+
+* Wed Jan 29 2014 John Eckersberg <jeckersb@redhat.com> - 0.1.4-7
+- Add patches for CVE-2013-6393 (bz1033990)
+
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.1.4-6
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.1.4-5
+- Mass rebuild 2013-12-27
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Thu Jun 23 2011 John Eckersberg <jeckersb@redhat.com> - 0.1.4-1
+- New upstream release 0.1.4
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Fri Oct 02 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.3-1
+- New upstream release 0.1.3
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Jul 22 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-4
+- Minor tweaks to spec file
+- Enable %%check section
+- Thanks Gareth Armstrong <gareth.armstrong@hp.com>
+
+* Tue Mar 3 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-3
+- Remove static libraries
+
+* Thu Feb 26 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-2
+- Remove README and LICENSE from docs on -devel package
+- Remove -static package and merge contents into the -devel package
+
+* Wed Feb 25 2009 John Eckersberg <jeckersb@redhat.com> - 0.1.2-1
+- Initial packaging for Fedora