Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
patchinfo.17877
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.17877
<patchinfo incident="17877"> <issue tracker="bnc" id="1180145">VUL-0: CVE-2020-26259: xstream: Arbitrary File Deletion on the local host when unmarshalling</issue> <issue tracker="bnc" id="1180994">VUL-0: CVE-2020-26217: xstream: remote code execution due to insecure XML deserialization when relying on blocklists</issue> <issue tracker="bnc" id="1180146">VUL-0: CVE-2020-26258: xstream: Server-Side Forgery Request vulnerability can be activated when unmarshalling</issue> <issue tracker="cve" id="2020-26217"/> <issue tracker="cve" id="2020-26258"/> <issue tracker="cve" id="2020-26259"/> <packager>fstrba</packager> <rating>important</rating> <category>security</category> <summary>Security update for xstream</summary> <description>This update for xstream fixes the following issues: xstream was updated to version 1.4.15. - CVE-2020-26217: Fixed a remote code execution due to insecure XML deserialization when relying on blocklists (bsc#1180994). - CVE-2020-26258: Fixed a server-side request forgery vulnerability (bsc#1180146). - CVE-2020-26259: Fixed an arbitrary file deletion vulnerability (bsc#1180145). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor