diff options
author | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-06-14 09:46:21 +0200 |
---|---|---|
committer | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-06-14 09:46:21 +0200 |
commit | 365fbebc1ec109377fdd660e2c2351e7e28c1654 (patch) | |
tree | de6f35ffae4d8f7e6fe6195cf9f479a9634b4e97 | |
parent | 465edfe4cc63659b5558f4427b3ac82836d7e1e1 (diff) |
[SECURITY] [DSA 5426-1] owslib security update
-rw-r--r-- | english/security/2023/dsa-5426.data | 13 | ||||
-rw-r--r-- | english/security/2023/dsa-5426.wml | 21 |
2 files changed, 34 insertions, 0 deletions
diff --git a/english/security/2023/dsa-5426.data b/english/security/2023/dsa-5426.data new file mode 100644 index 00000000000..3abfbe87229 --- /dev/null +++ b/english/security/2023/dsa-5426.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-5426-1 owslib</define-tag> +<define-tag report_date>2023-6-14</define-tag> +<define-tag secrefs>CVE-2023-27476 Bug#1034182</define-tag> +<define-tag packages>owslib</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2023/dsa-5426.wml b/english/security/2023/dsa-5426.wml new file mode 100644 index 00000000000..65d1d80b739 --- /dev/null +++ b/english/security/2023/dsa-5426.wml @@ -0,0 +1,21 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>An arbitrary file reads from malformed XML payload vulnerbility was +discovered in owslib, the Python client library for Open Geospatial (OGC) +web services. This issue has been addressed by always using lxml as the +XML parser with entity resolution disabled.</p> + +<p>For the oldstable distribution (bullseye), this problem has been fixed +in version 0.23.0-1+deb11u1.</p> + +<p>We recommend that you upgrade your owslib packages.</p> + +<p>For the detailed security status of owslib please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/owslib">\ +https://security-tracker.debian.org/tracker/owslib</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2023/dsa-5426.data" +# $Id: $ |