Bug 52280 - Для закрытия CVE-2022-34169 необходимо обновить пакет
Summary: Для закрытия CVE-2022-34169 необходимо обновить пакет
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: xalan-j2 (show other bugs)
Version: unstable
Hardware: x86_64 Linux
: P5 normal
Assignee: viy
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2024-11-29 15:10 MSK by FelixZ
Modified: 2024-11-30 19:24 MSK (History)
4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description FelixZ 2024-11-29 15:10:15 MSK 
Для закрытия уязвимости CVE-2022-34169, прошу обновить пакет xalan-j2 до версии 2.7.3.
https://github.com/advisories/GHSA-9339-86wc-4qgf
https://xalan.apache.org/xalan-j/readme.html#notes_latest
Comment 1 Repository Robot 2024-11-30 19:24:41 MSK 
xalan-j2-0:2.7.3-alt1 -> sisyphus:

 Sat Nov 30 2024 Andrey Cherepanov <cas@altlinux> 0:2.7.3-alt1
 - New version.
 - Security fixes: CVE-2022-34169 (ALT #52280).
 - Fix license according to SPDX.