SUSE-SU-2023:3016-1

Опубликовано: 28 июл. 2023

Источник: suse-cvrf

Описание

Security update for jtidy

This update for jtidy fixes the following issues:

CVE-2023-34623: Prevent crash when parsing documents with excessive nesting (bsc#1212404).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

jtidy-8.0-150000.4.3.1

SUSE Linux Enterprise Server 15 SP1-LTSS

jtidy-8.0-150000.4.3.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

jtidy-8.0-150000.4.3.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233016-1/
Link for SUSE-SU-2023:3016-1
https://lists.suse.com/pipermail/sle-updates/2023-July/030626.html
E-Mail link for SUSE-SU-2023:3016-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1212404
SUSE Bug 1212404
https://www.suse.com/security/cve/CVE-2023-34623/
SUSE CVE CVE-2023-34623 page

Описание

An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:jtidy-8.0-150000.4.3.1

SUSE Linux Enterprise Server 15 SP1-LTSS:jtidy-8.0-150000.4.3.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1:jtidy-8.0-150000.4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-34623.html
CVE-2023-34623
https://bugzilla.suse.com/1212404
SUSE Bug 1212404

SUSE-SU-2023:3016-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2023-34623

Описание

Затронутые продукты

Ссылки