* SECURITY UPDATE: information disclosure via generate-id XPath function - libxslt/functions.c: do not expose object addresses directly. - ecb6bcb8d1b7e44842edde3929f412d46b40c89f - CVE-2011-1202 * SECURITY UPDATE: denial of service via out-of-bounds read - libxslt/pattern.c: fix improper loop exit. - fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b - CVE-2011-3970 * SECURITY UPDATE: denial of service via out-of-bounds read - libxslt/xsltutils.h: check for XML_ELEMENT_NODE - e6a0bc8081271f33b9899eb78e1da1a2a0428419 - CVE-2012-2825 * SECURITY UPDATE: denial of service via crafted XSLT expression - harden code in libexslt/functions.c, libxslt/attributes.c, libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c, libxslt/templates.c, libxslt/transform.c, libxslt/variables.c, libxslt/xslt.c, libxslt/xsltutils.c. - 8566ab4a10158d195adb5f1f61afe1ee8bfebd12 - 4da0f7e207f14a03daad4663865c285eb27f93e9 - 24653072221e76d2f1f06aa71225229b532f8946 - 1564b30e994602a95863d9716be83612580a2fed - CVE-2012-2870 * SECURITY UPDATE: denial of service and possible code execution during handling of XSL transforms - libxslt/transform.c: check for XML_NAMESPACE_DECL - 937ba2a3eb42d288f53c8adc211bd1122869f0bf - CVE-2012-2871 * SECURITY UPDATE: denial of service and possible code execution via double free during XSL transforms - libxslt/templates.c: Fix dictionary string usage - 54977ed7966847e305a2008cb18892df26eeb065 - CVE-2012-2893