openSUSE Security Update : translate-toolkit (openSUSE-2018-130)

medium Nessus Plugin ID 106613

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for translate-toolkit to 2.2.4 fixes several issues.

This security issue was fixed :

- Prevent inclusion of external ressources (XXE) (boo#1073535)

These non-security issues were fixed :

- Added support for nested and WebExtension JSON dialects.

- po2txt no longer converts non-translatable strings.

- Improvement for puncspace check.

- Support for .xliff extension.

- Added MinimalChecker and ReducedChecker checkers.

- Fixed resolving of country names translations.

- Refactored functions for resolving language/country names translation to be memory efficient.

- Improvements for ts and subtitles formats.

- Fixed Montenegrin language name.

- Avoid resolving external entities while parsing XML.

- Improvements for Android, ts and resx formats.

- Added support for PHP nested arrays.

- Added Kabyle language

Solution

Update the affected translate-toolkit package.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1073535

Plugin Details

Severity: Medium

ID: 106613

File Name: openSUSE-2018-130.nasl

Version: 3.3

Type: Local

Agent: unix

Published: 2/6/2018

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:translate-toolkit, cpe:/o:novell:opensuse:42.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2/5/2018