Описание
Security update for python-openpyxl
This update for python-openpyxl fixes one issue.
This security issue was fixed:
- CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document (bsc#1025592).
Список пакетов
openSUSE Leap 42.2
python-openpyxl-2.2.2-7.1
openSUSE Leap 42.3
python-openpyxl-2.2.2-7.1
Ссылки
- E-Mail link for openSUSE-SU-2018:0108-1
- SUSE Security Ratings
Описание
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
Затронутые продукты
openSUSE Leap 42.2:python-openpyxl-2.2.2-7.1
openSUSE Leap 42.3:python-openpyxl-2.2.2-7.1
Ссылки
- CVE-2017-5992
- SUSE Bug 1025592