Red Hat Product Errata RHSA-2025:1314 - Security Advisory
Issued:
2025-02-11
Updated:
2025-02-11

RHSA-2025:1314 - Security Advisory

Synopsis

Moderate: doxygen security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for doxygen is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Doxygen can generate an online class browser (in HTML) and/or a reference manual (in LaTeX) from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files.

Security Fix(es):

  • jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 1850004 - CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
doxygen-1.8.14-13.el8_10.src.rpm SHA-256: 44573cad4e7e5aa0c6d4da6229a2464cfacdedd4306ec1e5e4d63c90af51c5e6
x86_64
doxygen-1.8.14-13.el8_10.x86_64.rpm SHA-256: 52548ab6e4d2296050d009d26e0c360694df3354be62a195ffffb486261af357
doxygen-debuginfo-1.8.14-13.el8_10.x86_64.rpm SHA-256: ddb98f0cf54f9b789cee04b868358a222b35cf916cff8d4ac24fecd0baab9f5b
doxygen-debugsource-1.8.14-13.el8_10.x86_64.rpm SHA-256: 4175e6f4b364e46df826d0204c9c20207e40c191dcb26a40f15968fd923c6995
doxygen-doxywizard-1.8.14-13.el8_10.x86_64.rpm SHA-256: 0d86b3817fedbee47218aa27cd9f20612d923a9bef6890960d98828a2b75c216
doxygen-doxywizard-debuginfo-1.8.14-13.el8_10.x86_64.rpm SHA-256: 043f8bc4c966ab62cd3e7289d68b3b3a42867aafd1e9cf68a1d50f0d21e0d470
doxygen-latex-1.8.14-13.el8_10.x86_64.rpm SHA-256: 3f6bd8b47785c51e38b7a9a80d167cc8290ed68df0cad2e73ed1b79852309070

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
doxygen-1.8.14-13.el8_10.src.rpm SHA-256: 44573cad4e7e5aa0c6d4da6229a2464cfacdedd4306ec1e5e4d63c90af51c5e6
ppc64le
doxygen-1.8.14-13.el8_10.ppc64le.rpm SHA-256: bfb7b86ac87779b384138f229342c771a916ac241ddc1d650453f7ed9b2a7357
doxygen-debuginfo-1.8.14-13.el8_10.ppc64le.rpm SHA-256: 03e383c831f74fbf6a9d89b157ee0590dd9e1be52d4cc922c713d2527fc900f0
doxygen-debugsource-1.8.14-13.el8_10.ppc64le.rpm SHA-256: 98edcfcfeef60bef57e1f217d58d144fbbda8237e83d8a56c26a1502a9982b40
doxygen-doxywizard-1.8.14-13.el8_10.ppc64le.rpm SHA-256: e383a47a389b75139f0a8457781cdf0f2ee5114df54a6f793243c3db3bcc53c5
doxygen-doxywizard-debuginfo-1.8.14-13.el8_10.ppc64le.rpm SHA-256: 7ed9d9be4daf1df92f55d5cfef9e47baca7bc2d6250850578ecbdbf194ddb30c
doxygen-latex-1.8.14-13.el8_10.ppc64le.rpm SHA-256: 6f1dc8619885b94cab48d41fb6969a72650281fd6bd973b0c53cafa904a222d4

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
doxygen-1.8.14-13.el8_10.src.rpm SHA-256: 44573cad4e7e5aa0c6d4da6229a2464cfacdedd4306ec1e5e4d63c90af51c5e6
aarch64
doxygen-1.8.14-13.el8_10.aarch64.rpm SHA-256: f88cac29e177f979f801aac670af5628ec4a64ede133cb44810552d1865b269a
doxygen-debuginfo-1.8.14-13.el8_10.aarch64.rpm SHA-256: 148a4a110778e880229f989aa8c20383d4dedaf30be2c1cc675e60bfe781bd18
doxygen-debugsource-1.8.14-13.el8_10.aarch64.rpm SHA-256: 0bb47c88ceced45744261eb43423efb0c2bc05e42e23ca9a71799fd1430e5d19
doxygen-doxywizard-1.8.14-13.el8_10.aarch64.rpm SHA-256: fcf35e40c451d9fea6db54c9e2f1b0245aaa50de0434a3bb14fef706d7590ded
doxygen-doxywizard-debuginfo-1.8.14-13.el8_10.aarch64.rpm SHA-256: 4c098da6608b9792dea0e90bb7465cf426d56e076599d1bb017e60e0166eb782
doxygen-latex-1.8.14-13.el8_10.aarch64.rpm SHA-256: 67b14d02f83e53bbc79fcb92b26c56e59a596744ba79633c8d99f988529fa27c

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
doxygen-1.8.14-13.el8_10.src.rpm SHA-256: 44573cad4e7e5aa0c6d4da6229a2464cfacdedd4306ec1e5e4d63c90af51c5e6
s390x
doxygen-1.8.14-13.el8_10.s390x.rpm SHA-256: 96a8df9f77c36dc83a658ee709441a66946cd84ec72e92da5ab6b40434800564
doxygen-debuginfo-1.8.14-13.el8_10.s390x.rpm SHA-256: f538d577b87115a3bfec45f083b57e787052cc2e4b6bac34d855c15f62f3042a
doxygen-debugsource-1.8.14-13.el8_10.s390x.rpm SHA-256: 09bead4f58a58b77353c903c2a2e3aff647029446468f85722b9e5fa95144cf7
doxygen-doxywizard-1.8.14-13.el8_10.s390x.rpm SHA-256: 8c8e87e2abd14a642ddb238c60a5a74a4e0a52edb7e84509a3ed0f35a6834fae
doxygen-doxywizard-debuginfo-1.8.14-13.el8_10.s390x.rpm SHA-256: 968bc67993796075f917dbabb857cab82f1a94206378b474c1a800c8066ad36f
doxygen-latex-1.8.14-13.el8_10.s390x.rpm SHA-256: 51615e5505711dd99054e575a2debcccc0ad211d2c26e5a51f820286044ec820

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.