Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop
| Announcement ID: | SUSE-SU-2024:4054-1 |
|---|---|
| Release Date: | 2024-11-26T05:06:51Z |
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability and has one security fix can now be installed.
Description:
This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues:
xmlgraphics-fop was updated from version 2.8 to 2.10:
-
Security issues fixed:
-
CVE-2024-28168: Fixed improper restriction of XML External Entity (XXE) reference (bsc#1231428)
-
Upstream changes and bugs fixed:
-
Version 2.10:
- footnote-body ignores rl-tb writing mode
- SVG tspan content is displayed out of place
- Added new schema to handle pdf/a and pdfa/ua
- Correct fop version at runtime
- NoSuchElementException when using font with no family name
- Resolve classpath for binary distribution
- Switch to spotbugs
- Set an automatic module name
- Rename packages to avoid conflicts with modules
- Resize table only for multicolumn page
- Missing jars in servlet
- Optimise performance of PNG with alpha using raw loader
- basic-link not navigating to corresponding footnote
- Added option to sign PDF
- Added secure processing for XSL input
- Allow sections which need security permissions to be run when AllPermission denied in caller code
- Remove unused PDFStructElem
- Remove space generated by fo:wrapper
- Reset content length for table changing ipd
- Added alt text to PDF signature
- Allow change of resource level for SVG in AFP
- Exclude shape not in clipping path for AFP
- Only support 1 column for redo of layout without page pos only
- Switch to Jakarta servlet API
- NPE when list item is split alongside an ipd change
- Added mandatory MODCA triplet to AFP
- Redo layout for multipage columns
- Added image mask option for AFP
- Skip written block ipds inside float
- Allow curly braces for src url
- Missing content for last page with change ipd
- Added warning when different pdf languages are used
- Only restart line manager when there is a linebreak for blocklayout
-
Version 2.9:
- Values in PDF Number Trees must be indirect references
- Do not delete files on syntax errors using command line
- Surrogate pair edge-case causes Exception
- Reset character spacing
- SVG text containing certain glyphs isn't rendered
- Remove duplicate classes from maven classpath
- Allow use of page position only on redo of layout
- Failure to render multi-block itemBody alongside float
- Update to PDFBox 2.0.27
- NPE if link destination is missing with accessibility
- Make property cache thread safe
- Font size was rounded to 0 for AFP TTF
- Cannot process a SVG using mvn jars
- Remove serializer jar
- Allow creating a PDF 2.0 document
- Text missing after page break inside table inline
- IllegalArgumentException for list in a table
- Table width may be too wide when layout width changes
- NPE when using broken link and PDF 1.5
- Allow XMP at PDF page level
- Symbol font was not being mapped to unicode
- Correct font differences table for Chrome
- Link against Java 8 API
- Added support for font-selection-strategy=character-by-character
- Merge form fields in external PDFs
- Fixed test for Java 11
xmlgraphics-batik was updated from version 1.17 to 1.18:
- PNG transcoder references nonexistent class
- Set offset to 0 if missing in stop tag
- Validate throws NPE
- Fixed missing arabic characters
- Animated rotate tranform ignores y-origin at exactly 270 degrees
- Set an automatic module name
- Ignore inkscape properties
- Switch to spotbugs
- Allow source and target resolution configuration
xmlgraphics-commons was updated from version 2.8 to 2.10:
- Fixed test for Java 11
- Allow XMP at PDF page level
- Allow source resolution configuration
- Added new schema to handle pdf/a and pdfa/ua
- Set an automatic module name
- Switch to spotbugs
- Do not use a singleton for ImageImplRegistry
javapackages-tools was updated from version 6.3.0 to 6.3.4:
-
Version 6.3.4:
-
A corner case when which is not present
- Remove dependency on which
- Simplify after the which -> type -p change
- jpackage_script: Remove pointless assignment when %java_home is unset
-
Don't export JAVA_HOME (bsc#1231347)
-
Version 6.3.2:
-
Search for JAVACMD under JAVA_HOME only if it's set
- Obsolete set_jvm and set_jvm_dirs functions
- Drop unneeded _set_java_home function
- Remove JAVA_HOME check from check_java_env function
- Bump codecov/codecov-action from 2.0.2 to 4.6.0
- Bump actions/setup-python from 4 to 5
- Bump actions/checkout from 2 to 4
- Added custom dependabot config
- Remove the test for JAVA_HOME and error if it is not set
- java-functions: Remove unneeded local variables
-
Fixed build status shield
-
Version 6.3.1:
-
Allow missing components with abs2rel
- Fixed tests with python 3.4
- Sync spec file from Fedora
- Drop default JRE/JDK
- Fixed the use of java-functions in scripts
- Test that we don't bomb on <relativePath/>
- Test variable expansion in artifactId
- Interpolate properties also in the current artifact
- Rewrite abs2rel in shell
- Use asciidoctor instead of asciidoc
- Fixed incompatibility with RPM 4.20
- Reproducible exclusions order in maven metadata
- Do not bomb on <relativePath/> construct
- Make maven_depmap order of aliases reproducible
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4054=1 -
openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4054=1 -
Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4054=1 -
Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4054=1 -
Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4054=1 -
Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4054=1 -
SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4054=1 -
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4054=1 -
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4054=1 -
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4054=1 -
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4054=1 -
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4054=1 -
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4054=1 -
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4054=1 -
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4054=1 -
SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4054=1 -
SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4054=1 -
SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4054=1 -
SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4054=1 -
SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4054=1 -
SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4054=1 -
SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-4054=1
Package List:
-
openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
openSUSE Leap 15.5 (noarch)
- xmlgraphics-batik-svgpp-1.18-150200.4.10.2
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- xmlgraphics-batik-javadoc-1.18-150200.4.10.2
- xmlgraphics-batik-ttf2svg-1.18-150200.4.10.2
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-batik-squiggle-1.18-150200.4.10.2
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-javadoc-2.10-150200.3.10.2
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-rasterizer-1.18-150200.4.10.2
- xmlgraphics-batik-css-1.18-150200.4.10.2
- xmlgraphics-batik-demo-1.18-150200.4.10.2
- xmlgraphics-batik-slideshow-1.18-150200.4.10.2
-
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
openSUSE Leap 15.6 (noarch)
- xmlgraphics-batik-svgpp-1.18-150200.4.10.2
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- xmlgraphics-batik-javadoc-1.18-150200.4.10.2
- xmlgraphics-batik-ttf2svg-1.18-150200.4.10.2
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-batik-squiggle-1.18-150200.4.10.2
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-javadoc-2.10-150200.3.10.2
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-rasterizer-1.18-150200.4.10.2
- xmlgraphics-batik-css-1.18-150200.4.10.2
- xmlgraphics-batik-demo-1.18-150200.4.10.2
- xmlgraphics-batik-slideshow-1.18-150200.4.10.2
-
Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
Basesystem Module 15-SP5 (noarch)
- python3-javapackages-6.3.4-150200.3.15.1
-
Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
Basesystem Module 15-SP6 (noarch)
- python3-javapackages-6.3.4-150200.3.15.1
-
Development Tools Module 15-SP5 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
Development Tools Module 15-SP6 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- javapackages-local-6.3.4-150200.3.15.1
-
SUSE Package Hub 15 15-SP6 (noarch)
- xmlgraphics-batik-css-1.18-150200.4.10.2
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
-
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2
-
SUSE Manager Proxy 4.3 (x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Manager Proxy 4.3 (noarch)
- python3-javapackages-6.3.4-150200.3.15.1
-
SUSE Manager Retail Branch Server 4.3 (x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Manager Retail Branch Server 4.3 (noarch)
- python3-javapackages-6.3.4-150200.3.15.1
-
SUSE Manager Server 4.3 (ppc64le s390x x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Manager Server 4.3 (noarch)
- python3-javapackages-6.3.4-150200.3.15.1
-
SUSE Enterprise Storage 7.1 (aarch64 x86_64)
- javapackages-filesystem-6.3.4-150200.3.15.1
- javapackages-tools-6.3.4-150200.3.15.1
-
SUSE Enterprise Storage 7.1 (noarch)
- javapackages-ivy-6.3.4-150200.3.15.1
- javapackages-gradle-6.3.4-150200.3.15.1
- python3-javapackages-6.3.4-150200.3.15.1
- xmlgraphics-fop-2.10-150200.13.10.1
- xmlgraphics-commons-2.10-150200.3.10.2
- xmlgraphics-batik-1.18-150200.4.10.2
- javapackages-local-6.3.4-150200.3.15.1
- xmlgraphics-batik-css-1.18-150200.4.10.2