Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Debian Security Advisory 5471-1[6]
- Authored by Debian[7] | Site debian.org[8]
-
Debian Linux Security Advisory 5471-1 - A security vulnerability has been discovered in libhtmlcleaner-java, a Java HTML parser library. An attacker was able to cause a denial of service (StackOverflowError) if the parser runs on user supplied input with deeply nested HTML elements. This update introduces a new nesting depth limit which can be overridden in cleaner properties.
- systems | linux[9], debian[10]
- advisories | CVE-2023-34624[11]
- SHA-256 |
f96281f975f20155fb343f0d82fab4ed0c0a3a6cbbc5a26c074cca92130006ba - Download[12] | Favorite[13] | View[14]
Change Mirror[15] Download[16]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5471-1 Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
https://www.debian.org/security/ Markus Koschany
August 07, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : libhtmlcleaner-java
CVE ID : CVE-2023-34624
A security vulnerability has been discovered in libhtmlcleaner-java, a Java
HTML parser library. An attacker was able to cause a denial of service
(StackOverflowError) if the parser runs on user supplied input with deeply
nested HTML elements. This update introduces a new nesting depth limit which
can be overridden in cleaner properties.
For the oldstable distribution (bullseye), this problem has been fixed
in version 2.24-1+deb11u1.
For the stable distribution (bookworm), this problem has been fixed in
version 2.26-1+deb12u1.
We recommend that you upgrade your libhtmlcleaner-java packages.
For the detailed security status of libhtmlcleaner-java please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libhtmlcleaner-java
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTRTEhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQfTxAAwDzh+g/pObARsJwiLjNHxgYZCE0QEdA1jlcs94WnYTEJ08RRcismUnTu
BE/hxwUBsRwd3oV1zdgj3NzXgI8XFOUVeL1jUNAQ7XKb7VpaHd1NzQ4svxs32IsN
7C3yhvCpUwTsC/8dw6H//O2uaymARsUIQSbZ5ZirwslsYNcCRWIFgEEEhv38E6QL
e+lwog5X90fhHwfE1i6GUeSPyijHtwhxo6THNnw1evctPgOX5vj06qpo4y6I2WYU
rbAjtALeO3o4UxGmCHs2KtrSnt2QoKcbxfjspgdGzvTpTnbwrseOD1mrq9EYNgUK
P+iQ81z7KKcqMASEy9ZTcRbzhCgYHb2IKD5iPxSj0Jf0f2kDN0qehoExlHnnmSoR
SqauVYYGQ38R+7DkWZeI6fkERFNJd8ff3dEk6D+4s+Ad4X7CzMq+SxajwFYogEhq
QTd/3fhIef+eZVkHw96AVvd+dmYvOo+hcE/VjGckbJIIAnc0EXJEPw+JdYjoAr/t
Zq1998FbRovvLB5xlmsL6YXe8TYFRyiYuMmRYguWk/UnKx5On673QvIImQUVqD2V
euVh6+xoY6z1ELGH+SGz29FWUh17LPsQ24VhHZ4wpGZVOpFLCWYJo4WV2fx5HQa9
8G9YgCojURtzYItR3oh1/3/DMN1ZSg0Nsy50fshx4qtcarq6VhI=
=QxO1
-----END PGP SIGNATURE-----
Follow us on
Facebook
Subscribe to an RSS
FeedFile Tags
- ActiveX[22] (932)
- Advisory[23] (81,913)
- Arbitrary[24] (16,188)
- BBS[25] (2,859)
- Bypass[26] (1,740)
- CGI[27] (1,026)
- Code Execution[28] (7,273)
- Conference[29] (679)
- Cracker[30] (841)
- CSRF[31] (3,342)
- DoS[32] (23,412)
- Encryption[33] (2,369)
- Exploit[34] (51,815)
- File Inclusion[35] (4,221)
- File Upload[36] (972)
- Firewall[37] (821)
- Info Disclosure[38] (2,766)
- Intrusion Detection[39] (892)
- Java[40] (3,043)
- JavaScript[41] (858)
- Kernel[42] (6,666)
- Local[43] (14,447)
- Magazine[44] (586)
- Overflow[45] (12,690)
- Perl[46] (1,423)
- PHP[47] (5,141)
- Proof of Concept[48] (2,338)
- Protocol[49] (3,601)
- Python[50] (1,535)
- Remote[51] (30,747)
- Root[52] (3,579)
- Rootkit[53] (508)
- Ruby[54] (612)
- Scanner[55] (1,639)
- Security Tool[56] (7,883)
- Shell[57] (3,180)
- Shellcode[58] (1,214)
- Sniffer[59] (894)
- Spoof[60] (2,206)
- SQL Injection[61] (16,359)
- TCP[62] (2,404)
- Trojan[63] (687)
- UDP[64] (891)
- Virus[65] (664)
- Vulnerability[66] (31,763)
- Web[67] (9,660)
- Whitepaper[68] (3,749)
- x86[69] (962)
- XSS[70] (17,921)
- Other[71]
File Archives
- August 2023[72]
- July 2023[73]
- June 2023[74]
- May 2023[75]
- April 2023[76]
- March 2023[77]
- February 2023[78]
- January 2023[79]
- December 2022[80]
- November 2022[81]
- October 2022[82]
- September 2022[83]
- Older[84]
Systems
- AIX[85] (428)
- Apple[86] (2,002)
- BSD[87] (373)
- CentOS[88] (57)
- Cisco[89] (1,922)
- Debian[90] (6,808)
- Fedora[91] (1,692)
- FreeBSD[92] (1,244)
- Gentoo[93] (4,322)
- HPUX[94] (879)
- iOS[95] (351)
- iPhone[96] (108)
- IRIX[97] (220)
- Juniper[98] (67)
- Linux[99] (46,407)
- Mac OS X[100] (686)
- Mandriva[101] (3,105)
- NetBSD[102] (256)
- OpenBSD[103] (484)
- RedHat[104] (13,704)
- Slackware[105] (941)
- Solaris[106] (1,610)
- SUSE[107] (1,444)
- Ubuntu[108] (8,799)
- UNIX[109] (9,286)
- UnixWare[110] (186)
- Windows[111] (6,568)
- Other[112]
© 2022 Packet Storm. All rights reserved.
- Services
- Security Services[123]
- Hosting By
- Rokasec[124]
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Read more https://packetstormsecurity.com/files/174067/dsa-5471-1.txt
