Описание
ELSA-2025-1300: gcc-toolset-14-gcc security update (MODERATE)
[14.2.1-1.3]
- disable jQuery use, don't ship jquery.js (CVE-2020-11023, RHEL-78383)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
gcc-toolset-14-gcc
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-c++
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-gfortran
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-plugin-annobin
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-plugin-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libasan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libatomic-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libgccjit
14.2.1-1.3.el9_5
gcc-toolset-14-libgccjit-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libitm-devel
14.2.1-1.3.el9_5
gcc-toolset-14-liblsan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libstdc++-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libstdc++-docs
14.2.1-1.3.el9_5
gcc-toolset-14-libtsan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libubsan-devel
14.2.1-1.3.el9_5
libasan8
14.2.1-1.3.el9_5
libtsan2
14.2.1-1.3.el9_5
Oracle Linux x86_64
gcc-toolset-14-gcc
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-c++
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-gfortran
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-plugin-annobin
14.2.1-1.3.el9_5
gcc-toolset-14-gcc-plugin-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libasan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libatomic-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libgccjit
14.2.1-1.3.el9_5
gcc-toolset-14-libgccjit-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libitm-devel
14.2.1-1.3.el9_5
gcc-toolset-14-liblsan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libquadmath-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libstdc++-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libstdc++-docs
14.2.1-1.3.el9_5
gcc-toolset-14-libtsan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-libubsan-devel
14.2.1-1.3.el9_5
gcc-toolset-14-offload-nvptx
14.2.1-1.3.el9_5
libasan8
14.2.1-1.3.el9_5
libtsan2
14.2.1-1.3.el9_5
Связанные CVE
Связанные уязвимости
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...
