5 matches found
Fedora 28 : xapian-bindings / xapian-core (2018-3ecacade34)
Update to 1.4.6, Security fix for CVE-2018-0499, fix for notmuch Email indexer Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 27 : xapian-bindings / xapian-core (2018-62394ac295)
Update to 1.4.6, Security fix for CVE-2018-0499, fix for notmuch Email indexer Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora Update for xapian-core FEDORA-2018-3ecacade34
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for xapian-core FEDORA-2018-62394ac295
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-0499
CVE-2018-0499 affects the Xapian project’s core library (xapian-core) before version 1.4.6. The root cause is incomplete HTML escaping in the code path for snippets, specifically in queryparser/termgenerator_internal.cc via Xapian::MSet::snippet(), which enables cross-site scripting. Documented i...