Issued:: 2025-02-11
Updated:: 2025-02-11

RHSA-2025:1315 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: doxygen security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for doxygen is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Doxygen can generate an online class browser (in HTML) and/or a reference manual (in LaTeX) from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files.

Security Fix(es):

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64

Fixes

BZ - 1850004 - CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

CVEs

CVE-2020-11023

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4

SRPM
doxygen-1.9.1-12.el9_4.src.rpm	SHA-256: 36378053acda5228e002e36b18f841d600b6f1d29ca871115aceff0defbc70e5
x86_64
doxygen-1.9.1-12.el9_4.x86_64.rpm	SHA-256: 80813ea45f02da3ae8dc432129b137636f6a2865d31446de5da8bfce00b366c1
doxygen-debuginfo-1.9.1-12.el9_4.x86_64.rpm	SHA-256: dd2d25153a3984d99f3b605879b1e4782ac6491fbfd884575bd87325a6450959
doxygen-debugsource-1.9.1-12.el9_4.x86_64.rpm	SHA-256: 8eea6b92a958bfb0a3339a6394afafdcc949eb77c65f812eebe17ba7a1833a1c
doxygen-doxywizard-1.9.1-12.el9_4.x86_64.rpm	SHA-256: 1dddc10bf16276d67ef38b57a69fe62c33b529565714760c28a2f92fa2209ba6
doxygen-doxywizard-debuginfo-1.9.1-12.el9_4.x86_64.rpm	SHA-256: 24385bb8a6dbb50bb36831186ed86a78f31bad7175e446cbf5bbfd66f41f1491
doxygen-latex-1.9.1-12.el9_4.x86_64.rpm	SHA-256: 6b5d28d5d4a8cd81648c01ca4899cfe0b4299b53128772c69ad266a33fded828

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4

SRPM
doxygen-1.9.1-12.el9_4.src.rpm	SHA-256: 36378053acda5228e002e36b18f841d600b6f1d29ca871115aceff0defbc70e5
ppc64le
doxygen-1.9.1-12.el9_4.ppc64le.rpm	SHA-256: 6c988fe9e53bdc6197ed4b9121483a041559822c5c697002f1daf067bdcc580d
doxygen-debuginfo-1.9.1-12.el9_4.ppc64le.rpm	SHA-256: 592ccc5e3afe25d3a966084a46bddb292e4e815a744a169156850b6f7849388f
doxygen-debugsource-1.9.1-12.el9_4.ppc64le.rpm	SHA-256: 4d4ee41948af2ed783bc3b1ea224d51c606d4f7fa1018aee096f45b9ffc67d17
doxygen-doxywizard-1.9.1-12.el9_4.ppc64le.rpm	SHA-256: 145b7c08e1f6cf0999f2f500522fb3b4af326d8efc95f8dfa051b8c2807e45c2
doxygen-doxywizard-debuginfo-1.9.1-12.el9_4.ppc64le.rpm	SHA-256: 2af1c0ed5c5cc443bb9d464b2d3e77d49cf2a75e172e0bda8f3bb7727465033b
doxygen-latex-1.9.1-12.el9_4.ppc64le.rpm	SHA-256: 3e35e54bd6616bea0fa084cb3f265a3486c98b227e126946f8b955b973e3a45c

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4

SRPM
doxygen-1.9.1-12.el9_4.src.rpm	SHA-256: 36378053acda5228e002e36b18f841d600b6f1d29ca871115aceff0defbc70e5
s390x
doxygen-1.9.1-12.el9_4.s390x.rpm	SHA-256: 90982752492b62bfcbf192f08f18eb22a88dda121bce535b1bed0fe45c314c61
doxygen-debuginfo-1.9.1-12.el9_4.s390x.rpm	SHA-256: 3334897c4030b8a7c72b71abb0bf2f1dd963010e684fba22290fba26ba9b7908
doxygen-debugsource-1.9.1-12.el9_4.s390x.rpm	SHA-256: a781859f62e15d921eb41cdb446f1a33dd0bfb998d5deb5e690979d7e9e35ac0
doxygen-doxywizard-1.9.1-12.el9_4.s390x.rpm	SHA-256: b0627112779bc793dc1090de9c3f1020122afce34d3b1a0851841a65729d6309
doxygen-doxywizard-debuginfo-1.9.1-12.el9_4.s390x.rpm	SHA-256: fb924235009655dbd2925be5c8b0b07a0cd628702f78343ddfbce77efc9e6149
doxygen-latex-1.9.1-12.el9_4.s390x.rpm	SHA-256: 9e9b2568e07537af678433776b67ce65a5ac9120bd055cda161f542f317046df

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4

SRPM
doxygen-1.9.1-12.el9_4.src.rpm	SHA-256: 36378053acda5228e002e36b18f841d600b6f1d29ca871115aceff0defbc70e5
aarch64
doxygen-1.9.1-12.el9_4.aarch64.rpm	SHA-256: 34ad7314ac7ce531c60bbdfc18f6ed79b9c48669e79c42514435b877f8c4ae73
doxygen-debuginfo-1.9.1-12.el9_4.aarch64.rpm	SHA-256: b0b1ea0c9ef53f462eac695c9938258bee4cdce935207611929df742ced65211
doxygen-debugsource-1.9.1-12.el9_4.aarch64.rpm	SHA-256: 152a9c9aa2f517b179fc9a9623435c34541aa381c82e53a626a834a66ba1c610
doxygen-doxywizard-1.9.1-12.el9_4.aarch64.rpm	SHA-256: dc7b617147cebeb7f92a1689e37b45f0882c269515857319532894cacecb4c0d
doxygen-doxywizard-debuginfo-1.9.1-12.el9_4.aarch64.rpm	SHA-256: 39e3b85d77d4c97493cc941128a66754077571afb28f6b10ae11a789792574b0
doxygen-latex-1.9.1-12.el9_4.aarch64.rpm	SHA-256: 00d0c60531149c4c4edf504ff9409385f50754dd866e621cb30fe30cf6aaa0eb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation