Security update for python-XStatic-jquery-ui
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2017:2351-1
Final
1
1
2017-09-05T12:41:41Z
current
2017-09-05T12:41:41Z
2017-09-05T12:41:41Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for python-XStatic-jquery-ui
This update for python-XStatic-jquery-ui fixes the following issues:
- CVE-2016-7103: possible cross-site scripting in dialog closeText could lead to arbitrary code injection (bsc#996004)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-OpenStack-Cloud-7-2017-1458
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2017/suse-su-20172351-1/
Link for SUSE-SU-2017:2351-1
https://lists.suse.com/pipermail/sle-security-updates/2017-September/003185.html
E-Mail link for SUSE-SU-2017:2351-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/996004
SUSE Bug 996004
https://www.suse.com/security/cve/CVE-2016-7103/
SUSE CVE CVE-2016-7103 page
SUSE OpenStack Cloud 7
python-XStatic-jquery-ui-1.11.0.1-2.3.1
python-XStatic-jquery-ui-1.11.0.1-2.3.1 as a component of SUSE OpenStack Cloud 7
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVE-2016-7103
SUSE OpenStack Cloud 7:python-XStatic-jquery-ui-1.11.0.1-2.3.1
low
4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2017/suse-su-20172351-1/
https://www.suse.com/security/cve/CVE-2016-7103.html
CVE-2016-7103
https://bugzilla.suse.com/996004
SUSE Bug 996004
https://bugzilla.suse.com/996014
SUSE Bug 996014