[ubuntu/precise-security] libxslt 1.1.26-8ubuntu1.6 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon May 3 12:49:36 UTC 2021
libxslt (1.1.26-8ubuntu1.6) precise-security; urgency=medium
* SECURITY UPDATE: Uninitialized read
Fix uninitialized
read of xsl:number token in libxslt/numbers.c.
- CVE-2019-13117
* SECURITY UPDATE: Uninitialized read
Fix uninitialized
read with UTF-8 grouping chars in libxslt/numbers.c,
tests/docs/bug-222.xml, tests/general/bug-222.out,
tests/general/bug-222.xsl.
- CVE-2019-13118
* SECURITY UPDATE: Buffer over-read
Fix dangling
pointer in xsltCopyText in libxslt/transform.c.
- CVE-2019-18197
libxslt (1.1.26-8ubuntu1.5) precise-security; urgency=medium
* SECURITY UPDATE: Bypass of protection mechanism
- debian/patches/CVE-2019-11068.patch: Fix security
framework bypass checking for returns equal or less
-1 in libxslt/documents.c, libxslt/imports.c,
libxslt/transform.c,libxslt/xslt.c.
- CVE-2019-11068
Date: 2019-10-22 14:44:15.610919+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/libxslt/1.1.26-8ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list