Overview

File _patchinfo of Package patchinfo.37647

<patchinfo incident="37647">
  <issue tracker="bnc" id="1231298">VUL-0: CVE-2024-47554: apache-commons-io: untrusted input to XmlStreamReader can lead to uncontrolled resource consumption</issue>
  <issue tracker="cve" id="2024-47554"/>
  <packager>gkenion</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for apache-commons-io</summary>
  <description>This update for apache-commons-io fixes the following issues:

apache-commons-io was updated from version 2.15.1 to 2.18.0:
    
- Key changes across versions:
  * Cleaner code and updated dependencies
  * Improved security when handling serialized data with the new safe deserialization feature
  * New features for advanced file and stream operations
  * Various bugs were fixed to improve reliability with fewer crashes and unexpected errors
  * For the full list of changes please consult the packaged RELEASE-NOTES.txt
    
- Already fixed in previous version:
  * CVE-2024-47554: Untrusted input to XmlStreamReader can lead to uncontrolled resource consumption (bsc#1231298)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places