SUSE-SU-2023:1948-1

Опубликовано: 21 апр. 2023

Источник: suse-cvrf

Описание

Security update for jettison

This update for jettison fixes the following issues:

Upgrade to version 1.5.4:

CVE-2023-1436: Fixed infinite recursion triggered when constructing a JSONArray from a Collection (bsc#1209605).

Список пакетов

openSUSE Leap 15.4

jettison-1.5.4-150200.3.7.1

jettison-javadoc-1.5.4-150200.3.7.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20231948-1/
Link for SUSE-SU-2023:1948-1
https://lists.suse.com/pipermail/sle-security-updates/2023-April/014547.html
E-Mail link for SUSE-SU-2023:1948-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1209605
SUSE Bug 1209605
https://www.suse.com/security/cve/CVE-2023-1436/
SUSE CVE CVE-2023-1436 page

Описание

An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown.

Затронутые продукты

openSUSE Leap 15.4:jettison-1.5.4-150200.3.7.1

openSUSE Leap 15.4:jettison-javadoc-1.5.4-150200.3.7.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-1436.html
CVE-2023-1436
https://bugzilla.suse.com/1209605
SUSE Bug 1209605

SUSE-SU-2023:1948-1

Описание

Список пакетов

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2023-1436

Описание

Затронутые продукты

Ссылки