Stay Secure with the Latest Linux Advisories

security advisoryfedorasoftware patch

Fedora 36: 2022-930b54aa84 Major Update: PlantUML XSS Security Fix

notes=Security fix for [CVE-2022-1231]. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-930b54aa84 2022-05-07 04:08:14.315686 --------------------------------------------------------------------------------Name : plantuml Product : Fedora 36 Version : 1.2022.4 Release : 1.fc36 URL : https://plantuml.com/ Summary : Program to generate UML diagram from a text description Description : PlantUML is a program allowing to draw UML diagrams, using a simple and human readable text description. It is extremely useful for code documenting, sketching project architecture during team conversations and so on. PlantUML supports the following diagram types - sequence diagram - use case diagram - class diagram - activity diagram - component diagram - state diagram --------------------------------------------------------------------------------Update Information: notes=Security fix for [CVE-2022-1231] --------------------------------------------------------------------------------ChangeLog: * Mon Apr 18 2022 Sandipan Roy - 1:1.2022.4-1 - Updated version to 1.2022.4 - Added fix for rhbz#2076162 - Added fix for rhbz#2076163 * Mon Mar 7 2022 Sandipan Roy - 1:1.2022.2-1 - Updated version to 1.2022.2 --------------------------------------------------------------------------------References: [ 1 ] Bug #2076163 - CVE-2022-1231 plantuml: Stored XSS in the context of the diagram embedder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2076163 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-930b54aa84' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details onthe GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 36 has released an update for PlantUML to mitigate a critical stored XSS vulnerability. The security advisory encompasses specific details regarding the fix implemented.. PlantUML Update, Fedora Security, XSS Bug Fix, Software Security, Open Source Patch. . Severity: Important. LinuxSecurity.com Team

May 07, 2022 •Important Fedora