Описание
Security update for python3-openpyxl
This update for python3-openpyxl fixes one security issue:
- CVE-2017-5992: Prevent resolving external entities by default, which allowed remote attackers to conduct XXE attacks via a crafted .xlsx document (bsc#1025592).
Список пакетов
openSUSE Leap 42.3
python3-openpyxl-2.2.4-7.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:0522-1
- SUSE Security Ratings
Описание
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.
Затронутые продукты
openSUSE Leap 42.3:python3-openpyxl-2.2.4-7.3.1
Ссылки
- CVE-2017-5992
- SUSE Bug 1025592