An arbitrary file reads from malformed XML payload vulnerbility was discovered in owslib, the Python client library for Open Geospatial (OGC) web services. This issue has been addressed by always using lxml as the XML parser with entity resolution disabled. For the oldstable distribution (bullseye), this problem has been fixed in version 0.23.0-1+deb11u1. We recommend that you upgrade your owslib packages. For the detailed security status of owslib please refer to its security tracker page at: https://security-tracker.debian.org/tracker/owslib
An arbitrary file reads from malformed XML payload vulnerbility was discovered in owslib, the Python client library for Open Geospatial (OGC) web services. This issue has been addressed by always using lxml as the XML parser with entity resolution disabled.
For the oldstable distribution (bullseye), this problem has been fixed in version 0.23.0-1+deb11u1.
We recommend that you upgrade your owslib packages.
For the detailed security status of owslib please refer to its security tracker page at: https://security-tracker.debian.org/tracker/owslib