Описание
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| fop | fixed | 1:2.10+dfsg-1~exp0 | experimental | package |
| fop | fixed | 1:2.10+dfsg-1 | package | |
| fop | no-dsa | bookworm | package | |
| fop | postponed | bullseye | package |
Примечания
https://www.openwall.com/lists/oss-security/2024/10/09/1
https://issues.apache.org/jira/browse/FOP-3168
https://github.com/apache/xmlgraphics-fop/commit/d96ba9a11710d02716b6f4f6107ebfa9ccec7134 (2_10)
Связанные уязвимости
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to upgrade to version 2.10, which fixes the issue.
Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability