Bug 2123752 - Rebase to 0.7.1 [OSP 16.2]
Summary: Rebase to 0.7.1 [OSP 16.2]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: python-defusedxml
Version: 16.2 (Train)
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: z4
: 16.2 (Train on RHEL 8.4)
Assignee: Lon Hohberger
QA Contact: Lon Hohberger
URL:
Whiteboard:
Depends On:
Blocks: 2119228 2123761
TreeView+ depends on / blocked
 
Reported: 2022-09-02 14:09 UTC by Lon Hohberger
Modified: 2022-12-07 19:25 UTC (History)
1 user (show)

Fixed In Version: python-defusedxml-0.7.1-1.el8ost
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Clone Of:
: 2123761 (view as bug list)
Environment:
Last Closed: 2022-12-07 19:24:40 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
RDO 44733 0 None None None 2022-09-02 16:49:49 UTC
Red Hat Issue Tracker OSP-18534 0 None None None 2022-09-02 14:57:55 UTC
Red Hat Product Errata RHBA-2022:8794 0 None None None 2022-12-07 19:25:31 UTC

Description Lon Hohberger 2022-09-02 14:09:22 UTC 
Description of problem: In order to fix CVE-2022-2996 in python-scciclient, we need to rebase python-defusedxml to 0.6.0

Version-Release number of selected component (if applicable): python-defusedxml-0.5.0-7.el8ost.1

https://opendev.org/x/python-scciclient/commit/20931fc474afe981b5965cd9b0d02cdef8b812bf
Comment 11 errata-xmlrpc 2022-12-07 19:24:40 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Release of components for Red Hat OpenStack Platform 16.2.4), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:8794
Note You need to log in before you can comment on or make changes to this bug.