lp:ubuntu/oneiric-updates/libxslt
- Get this branch:
- bzr branch lp:ubuntu/oneiric-updates/libxslt
Branch merges
Branch information
Recent revisions
- 25. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via malformed stylesheet
- libxslt/functions. c, libxslt/keys.c: check for empty values
tests/*: add tests
- dc11b6b379a882418093ecc8adf11f 6166682e8d
- 6c99c519d97e5fcbec7a9537d190ef b442e4e833
- CVE-2012-6139 - 24. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via out-of-bounds read
- libxslt/pattern.c: fix improper loop exit.
- fe5a4fa33eb85bce3253ed3742b1ea 6c4b59b41b
- CVE-2011-3970
* SECURITY UPDATE: denial of service via out-of-bounds read
- libxslt/xsltutils. h: check for XML_ELEMENT_NODE
- e6a0bc8081271f33b9899eb78e1da1 a2a0428419
- CVE-2012-2825
* SECURITY UPDATE: denial of service via crafted XSLT expression
- harden code in libexslt/functions. c, libxslt/ attributes. c,
libxslt/functions. c, libxslt/pattern.c, libxslt/preproc.c,
libxslt/templates. c, libxslt/ transform. c, libxslt/ variables. c,
libxslt/xslt.c, libxslt/xsltutils. c.
- 8566ab4a10158d195adb5f1f61afe1 ee8bfebd12
- 4da0f7e207f14a03daad4663865c28 5eb27f93e9
- 24653072221e76d2f1f06aa7122522 9b532f8946
- 1564b30e994602a95863d9716be836 12580a2fed
- CVE-2012-2870
* SECURITY UPDATE: denial of service and possible code execution during
handling of XSL transforms
- libxslt/transform. c: check for XML_NAMESPACE_DECL
- 937ba2a3eb42d288f53c8adc211bd1 122869f0bf
- CVE-2012-2871
* SECURITY UPDATE: denial of service and possible code execution via
double free during XSL transforms
- libxslt/templates. c: Fix dictionary string usage
- 54977ed7966847e305a2008cb18892 df26eeb065
- CVE-2012-2893 - 23. By Mike Hommey <email address hidden>
-
libxslt/
functions. c: Fix generate-id() to not expose object addresses.
Closes: #617413. Fixes: CVE-2011-1202. - 21. By Mike Hommey <email address hidden>
-
debian/
python- libxslt1- dbg.preinst: Add preinst snippet to remove
/usr/share/doc/python- libxslt1- dbg symlink on Ubuntu. This is an
Ubuntu-only fix, but allows Ubuntu to just use the Debian package
without further modifications.
Closes: #587910 - 18. By Michael Vogt
-
* Merge from debian unstable, remaining changes:
- build a python-libxslt1-dbg package. - 17. By Jamie Strandboge
-
* SECURITY UPDATE: arbitrary code execution via RC4 functions.
* libexslt/crypto.c: upstream fixes, thanks to Moritz Muehlenhoff.
* References
CVE-2008-2935 - 16. By Sebastien Bacher
-
* merge from debian, remaining ubuntu changes:
- build a python-libxslt1-dbg package.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/quantal/libxslt