Описание
Security update for jtidy
This update for jtidy fixes the following issues:
- CVE-2023-34623: Prevent crash when parsing documents with excessive nesting (bsc#1212404).
Список пакетов
SUSE Linux Enterprise Module for Development Tools 15 SP4
jtidy-8.0-150200.11.7.1
SUSE Linux Enterprise Module for Development Tools 15 SP5
jtidy-8.0-150200.11.7.1
SUSE Linux Enterprise Real Time 15 SP3
jtidy-8.0-150200.11.7.1
openSUSE Leap 15.4
jtidy-8.0-150200.11.7.1
jtidy-javadoc-8.0-150200.11.7.1
jtidy-scripts-8.0-150200.11.7.1
openSUSE Leap 15.5
jtidy-8.0-150200.11.7.1
jtidy-javadoc-8.0-150200.11.7.1
jtidy-scripts-8.0-150200.11.7.1
Ссылки
- Link for SUSE-SU-2023:3164-1
- E-Mail link for SUSE-SU-2023:3164-1
- SUSE Security Ratings
- SUSE Bug 1212404
- SUSE CVE CVE-2023-34623 page
Описание
An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies.
Затронутые продукты
SUSE Linux Enterprise Module for Development Tools 15 SP4:jtidy-8.0-150200.11.7.1
SUSE Linux Enterprise Module for Development Tools 15 SP5:jtidy-8.0-150200.11.7.1
SUSE Linux Enterprise Real Time 15 SP3:jtidy-8.0-150200.11.7.1
openSUSE Leap 15.4:jtidy-8.0-150200.11.7.1
Ссылки
- CVE-2023-34623
- SUSE Bug 1212404