Lucene search

K
suseSuseOPENSUSE-SU-2021:1876-1
HistoryJul 11, 2021 - 12:00 a.m.

Security update for snakeyaml (important)

2021-07-1100:00:00
lists.opensuse.org
18

EPSS

0.019

Percentile

88.5%

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for snakeyaml fixes the following issues:

  • Upgrade to 1.28
  • CVE-2017-18640: The Alias feature allows entity expansion during a load
    operation (bsc#1159488, bsc#1186088)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2021-1876=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.3noarch< - openSUSE Leap 15.3 (noarch):- openSUSE Leap 15.3 (noarch):.noarch.rpm