Overview

File _patchinfo of Package patchinfo.7729

<patchinfo incident="7729">
  <issue id="1073535" tracker="bnc">VUL-0: translate-toolkit: XXE while parsing xml</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>elchevive</packager>
  <description>This update for translate-toolkit to 2.2.4 fixes several issues.

This security issue was fixed:

- Prevent inclusion of external ressources (XXE) (boo#1073535)

These non-security issues were fixed:

- Added support for nested and WebExtension JSON dialects.
- po2txt no longer converts non-translatable strings.
- Improvement for puncspace check.
- Support for .xliff extension.            
- Added MinimalChecker and ReducedChecker checkers.
- Fixed resolving of country names translations.
- Refactored functions for resolving language/country names translation to be memory efficient.
- Improvements for ts and subtitles formats.
- Fixed Montenegrin language name.
- Avoid resolving external entities while parsing XML.
- Improvements for Android, ts and resx formats.
- Added support for PHP nested arrays.
- Added Kabyle language
</description>
  <summary>Security update for translate-toolkit</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places