Actions
Bug #24004
closed
Bug #24003: Update antisamy for security issue (CVE-2023-43643)
Add neko-htmlUnit as dependency due to security checks
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
Checked
Regression:
No
Description
CVE https://nvd.nist.gov/vuln/detail/CVE-2023-49093 in neko < 3.9.0 is quite important. this is a dependency from antisamy that has been bumped to 2.7.4 in #24003
We also need to remove a dependency on batik-css that was needed in antisamy 2.7.3
Updated by Vincent MEMBRÉ 4 months ago
- Status changed from New to In progress
- Assignee set to Vincent MEMBRÉ
Updated by Vincent MEMBRÉ 4 months ago
- Status changed from In progress to Pending technical review
- Assignee changed from Vincent MEMBRÉ to Clark ANDRIANASOLO
- Pull Request set to https://github.com/Normation/rudder-plugins/pull/631
Updated by Anonymous 4 months ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder:rudder-plugins|3698215c6ac8894eb477f66b1093f3324468fbe1.
Updated by
Updated by Vincent MEMBRÉ 3 months ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder plugin openscap v8.1.0.alpha1-2.1
Updated by Vincent MEMBRÉ 3 months ago
This bug has been fixed in Rudder plugin openscap v8.0.5-2.1
Updated by Vincent MEMBRÉ 3 months ago
This bug has been fixed in Rudder plugin openscap v7.3.11-2.1
Actions