openSUSE Security Update : xmltooling (openSUSE-2018-65)
Medium Nessus Plugin ID 106224
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for xmltooling fixes the following issues :
- CVE-2018-0486: Fixed a security bug when xmltooling mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD (bsc#1075975)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
SolutionUpdate the affected xmltooling packages.