SUSE-SU-2022:0817-1

Details

This update for xstream fixes the following issues:

CVE-2021-43859: Fixed a denial of service when unmarshalling highly recursive collections or maps (bsc#1195458).

Affected Packages

xstream

SUSE Linux Enterprise Module for Development Tools 15 SP3SUSE Linux Enterprise Real Time 15 SP2SUSE Manager Server Module 4.1SUSE Manager Server Module 4.2

Fixed in:

1.4.19-3.18.2

References

REPORT

https://bugzilla.suse.com/1195458

WEB

https://www.suse.com/security/cve/CVE-2021-43859

ADVISORY

https://www.suse.com/support/update/announcement/2022/suse-su-20220817-1/