An update that fixes two vulnerabilities is now available.
Description:
This update for python-lxml fixes the following issues:
- CVE-2021-28957: Fixed XSS due to missing input sanitization for HTML5
attributes (bsc#1184177).
- CVE-2020-27783: Fixed XSS due to the use of improper parser
(bsc#1179534).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3836=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.3 | noarch | < - openSUSE Leap 15.3 (noarch): | - openSUSE Leap 15.3 (noarch):.noarch.rpm |