Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE: 2020:1382-1 Important: dom4j XML External Entity Fix

suse
Calendar Grey May 22, 2020
Dist Suse Esm H88
SUSE has released a critical update for dom4j to mitigate an XML External Entity (XXE) vulnerability. It's essential to apply this update!
An update that fixes one vulnerability is now available

Summary

This update for dom4j fixes the following issues: - CVE-2020-10683: Fixed an XML External Entity vulnerability in default SAX parser (bsc#1169760). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 3.2: zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2020-1382=1 Package List: - SUSE Manager Server 3.2 (noarch): dom4j-1.6.1-27.7.2

References

#1169760

Cross- CVE-2020-10683

Affected Products:

SUSE Manager Server 3.2

https://www.suse.com/security/cve/CVE-2020-10683.html

https://bugzilla.suse.com/1169760

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:1382-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here