Affected versions of this crate did not properly check for recursion
while deserializing aliases.
This allows an attacker to make a YAML file with an alias referring
to itself causing an abort.
The flaw was corrected by checking the recursion depth.