openSUSE-SU-2019:1486-1

Опубликовано: 02 июн. 2019

Источник: suse-cvrf

Описание

Security update for doxygen

This update for doxygen fixes the following issues:

CVE-2016-10245: Fixed XSS via insufficient sanitization of the query parameter in templates/html/search_opensearch.php [boo#1136364]

Список пакетов

openSUSE Leap 42.3

doxygen-1.8.11-4.3.1

doxygen-doc-1.8.11-4.3.1

doxywizard-1.8.11-4.3.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00000.html
E-Mail link for openSUSE-SU-2019:1486-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.

Затронутые продукты

openSUSE Leap 42.3:doxygen-1.8.11-4.3.1

openSUSE Leap 42.3:doxygen-doc-1.8.11-4.3.1

openSUSE Leap 42.3:doxywizard-1.8.11-4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-10245.html
CVE-2016-10245
https://bugzilla.suse.com/1136364
SUSE Bug 1136364

openSUSE-SU-2019:1486-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2016-10245

Описание

Затронутые продукты

Ссылки