openSUSE-SU-2018:0364-1: moderate: Security update for translate-toolkit
openSUSE Security Update: Security update for translate-toolkit ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:0364-1 Rating: moderate References: #1073535 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for translate-toolkit to 2.2.4 fixes several issues. This security issue was fixed: - Prevent inclusion of external ressources (XXE) (boo#1073535) These non-security issues were fixed: - Added support for nested and WebExtension JSON dialects. - po2txt no longer converts non-translatable strings. - Improvement for puncspace check. - Support for .xliff extension. - Added MinimalChecker and ReducedChecker checkers. - Fixed resolving of country names translations. - Refactored functions for resolving language/country names translation to be memory efficient. - Improvements for ts and subtitles formats. - Fixed Montenegrin language name. - Avoid resolving external entities while parsing XML. - Improvements for Android, ts and resx formats. - Added support for PHP nested arrays. - Added Kabyle language Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-130=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.3 (noarch): translate-toolkit-2.2.4-4.1 translate-toolkit-devel-doc-2.2.4-4.1 References: https://bugzilla.suse.com/1073535
participants (1)
-
opensuse-security@opensuse.org