openSUSE-SU-2021:0855-1

Опубликовано: 08 июн. 2021

Источник: suse-cvrf

Описание

Security update for snakeyaml

This update for snakeyaml fixes the following issues:

Upgrade to 1.28
CVE-2017-18640: The Alias feature allows entity expansion during a load operation (bsc#1159488, bsc#1186088)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

snakeyaml-1.28-lp152.2.3.1

snakeyaml-javadoc-1.28-lp152.2.3.1

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

openSUSE Leap 15.2:snakeyaml-1.28-lp152.2.3.1

openSUSE Leap 15.2:snakeyaml-javadoc-1.28-lp152.2.3.1