[ubuntu/disco-security] libxslt 1.1.32-2ubuntu0.2 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Tue Oct 22 17:17:49 UTC 2019


libxslt (1.1.32-2ubuntu0.2) disco-security; urgency=medium

  * SECURITY UPDATE: Uninitialized read
    - debian/patches/CVE-2019-13117.patch: Fix uninitialized
      read of xsl:number token in libxslt/numbers.c.
    - CVE-2019-13117
  * SECURITY UPDATE: Uninitialized read
    - debian/patches/CVE-2019-13118.patch: Fix uninitialized
      read with UTF-8 grouping chars in libxslt/numbers.c,
      tests/docs/bug-222.xml, tests/general/bug-222.out,
      tests/general/bug-222.xsl.
    - CVE-2019-13118
  * SECURITY UPDATE: Buffer over-read
    - debian/patches/CVE-2019-18197.patch: Fix dangling
      pointer in xsltCopyText in libxslt/transform.c.
    - CVE-2019-18197

Date: 2019-10-22 14:54:15.760833+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/libxslt/1.1.32-2ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Disco-changes mailing list