Fedora 32: python-lxml 2020-307946cfb6
Fedora 32: python-lxml 2020-307946cfb6
This update fixes mXSS security vulnerability due to the use of improper parser (CVE-2020-27783)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-307946cfb6 2021-01-14 01:42:30.106511 -------------------------------------------------------------------------------- Name : python-lxml Product : Fedora 32 Version : 4.4.1 Release : 5.fc32 URL : https://github.com/lxml/lxml Summary : XML processing library combining libxml2/libxslt with the ElementTree API Description : lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree It extends the ElementTree API significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, C14N and much more.To contact the project, go to the project home page < or see our bug tracker at case you want to use the current ... -------------------------------------------------------------------------------- Update Information: This update fixes mXSS security vulnerability due to the use of improper parser (CVE-2020-27783) -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 18 2020 Mikolaj Izdebski- 4.4.1-5 - Fix mXSS vulnerability due to the use of improper parser - Resolves: CVE-2020-27783 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1901633 - CVE-2020-27783 python-lxml: mXSS due to the use of improper parser https://bugzilla.redhat.com/show_bug.cgi?id=1901633 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-307946cfb6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.