Fedora 13 : python-feedparser-5.0.1-1.fc13 (2011-4911)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Current release: 5.0.1 - February 20, 2011

- Fix issue 91 (invalid text in XML declaration causes
sanitizer to crash)

- Fix issue 254 (sanitization can be bypassed by
malformed XML comments)

- Fix issue 255 (sanitizer doesn't strip unsafe URI
schemes)

Previous release: 5.0 - January 25, 2011

- Improved MathML support

- Support microformats (rel-tag, rel-enclosure, xfn,
hcard)

- Support IRIs

- Allow safe CSS through sanitization

- Allow safe HTML5 through sanitization

- Support SVG

- Support inline XML entity declarations

- Support unescaped quotes and angle brackets in
attributes

- Support additional date formats

- Added the request_headers argument to parse()

- Added the response_headers argument to parse()

- Support multiple entry, feed, and source authors

- Officially make Python 2.4 the earliest supported
version

- Support Python 3

- Bug fixes, bug fixes, bug fixes

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=684877
http://www.nessus.org/u?aeb553e0

Solution :

Update the affected python-feedparser package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Fedora Local Security Checks

Nessus Plugin ID: 53551 ()

Bugtraq ID:

CVE ID: CVE-2009-5065
CVE-2011-1156
CVE-2011-1157
CVE-2011-1158

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now