Overview

File _patchinfo of Package patchinfo.31366

<patchinfo incident="31366">
  <issue tracker="bnc" id="1214422">VUL-0: CVE-2022-46751: apache-ivy: improper restriction of XML External Entity Reference</issue>
  <issue tracker="cve" id="2022-46751"/>
  <packager>gkenion</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for apache-ivy</summary>
  <description>This update for apache-ivy fixes the following issues:

- Upgrade to version 2.5.2 (bsc#1214422)
- CVE-2022-46751: Fixed an XML External Entity Injections that could be exploited to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways. (bsc#1214422)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places