What Are You Looking For?

Popular Tags

Sign Up

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5426-1                   [email protected]
https://www.debian.org/security/                                  Aron Xu
June 14, 2023                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : owslib
CVE ID         : CVE-2023-27476
Debian Bug     : 1034182

An arbitrary file reads from malformed XML payload vulnerbility was
discovered in owslib, the Python client library for Open Geospatial (OGC)
web services. This issue has been addressed by always using lxml as the
XML parser with entity resolution disabled.

For the oldstable distribution (bullseye), this problem has been fixed
in version 0.23.0-1+deb11u1.

We recommend that you upgrade your owslib packages.

For the detailed security status of owslib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/owslib

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Debian: DSA-5426-1: owslib security update

June 14, 2023
An arbitrary file reads from malformed XML payload vulnerbility was discovered in owslib, the Python client library for Open Geospatial (OGC) web services

Summary

For the oldstable distribution (bullseye), this problem has been fixed
in version 0.23.0-1+deb11u1.

We recommend that you upgrade your owslib packages.

For the detailed security status of owslib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/owslib

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Severity
An arbitrary file reads from malformed XML payload vulnerbility was
discovered in owslib, the Python client library for Open Geospatial (OGC)
web services. This issue has been addressed by always using lxml as the
XML parser with entity resolution disabled.

Related News

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

Sigstore Announces the First Stable Release of Code and Certificate Signing Tool for Python

Jan 16, 2023

Critical LibreOffice Code Execution Vuln Fixed

Jun 8, 2023

Python Package Index Found Stuffed with AWS Keys and Malware

Jan 16, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback