Overview

File _patchinfo of Package patchinfo.42794

<patchinfo incident="42794">
  <issue tracker="cve" id="2025-58190"/>
  <issue tracker="cve" id="2025-47911"/>
  <issue tracker="bnc" id="1258048">VUL-0: CVE-2025-58190: apptainer: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially crafted input</issue>
  <issue tracker="bnc" id="1258047">VUL-0: CVE-2025-47911: apptainer: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents</issue>
  <issue tracker="bnc" id="1253924">VUL-0: CVE-2025-58181: apptainer: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption</issue>
  <packager>eeich</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for apptainer</summary>
  <description>This update for apptainer fixes the following issues:

- CVE-2025-58190: Fixed a HTML parser misimplementation of a part of the HTML specification for table related tags. (bsc#1258048).
- CVE-2025-47911: Fixed an issue where the HTML parser takes a very long time or even never returns. (bsc#1258047).
  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places