openSUSE Security Update: Security update for translate-toolkit ______________________________________________________________________________
Announcement ID: openSUSE-SU-2018:0364-1 Rating: moderate References: #1073535 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________
An update that contains security fixes can now be installed.
This update for translate-toolkit to 2.2.4 fixes several issues.
This security issue was fixed:
- Prevent inclusion of external ressources (XXE) (boo#1073535)
These non-security issues were fixed:
- Added support for nested and WebExtension JSON dialects. - po2txt no longer converts non-translatable strings. - Improvement for puncspace check. - Support for .xliff extension. - Added MinimalChecker and ReducedChecker checkers. - Fixed resolving of country names translations. - Refactored functions for resolving language/country names translation to be memory efficient. - Improvements for ts and subtitles formats. - Fixed Montenegrin language name. - Avoid resolving external entities while parsing XML. - Improvements for Android, ts and resx formats. - Added support for PHP nested arrays. - Added Kabyle language
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-130=1
To bring your system up-to-date, use "zypper patch".
- openSUSE Leap 42.3 (noarch):