Explore top 10 tips to secure your open-source projects now. Read More
×
This update for xmlgraphics-batik fixes the following issues:
* CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik
(bsc#1204704).
* CVE-2022-42890: Fixed information disclosure vulnerability in Apache Batik
(bsc#1204709).
* CVE-2022-44730: Fixed Server-Side Request Forgery.
* CVE-2022-44729: Fixed Server-Side Request Forgery.
Upgrade to version 1.17.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-808=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-808=1
* openSUSE Leap 15.5 (noarch)
* xmlgraphics-batik-1.17-150200.4.7.1
* xmlgraphics-batik-svgpp-1.17-150200.4.7.1
* xmlgraphics-batik-ttf2svg-1.17-150200.4.7.1
* xmlgraphics-batik-squiggle-1.17-150200.4.7.1
* xmlgraphics-batik-javadoc-1.17-150200.4.7.1
* xmlgraphics-batik-slideshow-1.17-150200.4.7.1
* xmlgraphics-batik-rasterizer-1.17-150200.4.7.1
* xmlgraphics-batik-css-1.17-150200.4.7.1
* xmlgraphics-batik-demo-1.17-150200.4.7.1
* Development Tools Module 15-SP5 (noarch)
* xmlgraphics-batik-css-1.17-150200.4.7.1
* xmlgraphics-batik-1.17-150200.4.7.1
* bsc#1204704
* bsc#1204709
## References:
* https://www.suse.com/security/cve/CVE-2022-41704.html
* https://www.suse.com/security/cve/CVE-2022-42890.html
* https://www.suse.com/security/cve/CVE-2022-44729.html
* https://www.suse.com/security/cve/CVE-2022-44730.html
* https://bugzilla.suse.com/show_bug.cgi?id=1204704
* https://bugzilla.suse.com/show_bug.cgi?id=1204709
Get the latest Linux and open source security news straight to your inbox.