1
libxslt (1.1.22-1ubuntu1.3) hardy-security; urgency=low
3
* SECURITY UPDATE: information disclosure via generate-id XPath function
4
- libxslt/functions.c: do not expose object addresses directly.
5
- ecb6bcb8d1b7e44842edde3929f412d46b40c89f
7
* SECURITY UPDATE: denial of service via out-of-bounds read
8
- libxslt/pattern.c: fix improper loop exit.
9
- fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b
11
* SECURITY UPDATE: denial of service via out-of-bounds read
12
- libxslt/xsltutils.h: check for XML_ELEMENT_NODE
13
- e6a0bc8081271f33b9899eb78e1da1a2a0428419
15
* SECURITY UPDATE: denial of service via crafted XSLT expression
16
- harden code in libexslt/functions.c, libxslt/attributes.c,
17
libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c,
18
libxslt/templates.c, libxslt/transform.c, libxslt/variables.c,
19
libxslt/xslt.c, libxslt/xsltutils.c.
20
- 8566ab4a10158d195adb5f1f61afe1ee8bfebd12
21
- 4da0f7e207f14a03daad4663865c285eb27f93e9
22
- 24653072221e76d2f1f06aa71225229b532f8946
23
- 1564b30e994602a95863d9716be83612580a2fed
25
* SECURITY UPDATE: denial of service and possible code execution during
26
handling of XSL transforms
27
- libxslt/transform.c: check for XML_NAMESPACE_DECL
28
- 937ba2a3eb42d288f53c8adc211bd1122869f0bf
30
* SECURITY UPDATE: denial of service and possible code execution via
31
double free during XSL transforms
32
- libxslt/templates.c: Fix dictionary string usage
33
- 54977ed7966847e305a2008cb18892df26eeb065
36
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 28 Sep 2012 15:40:31 -0400
1
38
libxslt (1.1.22-1ubuntu1.2) hardy-security; urgency=high
3
40
* SECURITY UPDATE: arbitrary code execution via long transformation.