libxslt 1.1.28-2ubuntu0.1 source package in Ubuntu
Changelog
libxslt (1.1.28-2ubuntu0.1) trusty-security; urgency=medium
* SECURITY UPDATE: type-confusion leading to denial of service
- debian/patches/0009-CVE-2015-7955.patch: check that the parent
node is an element before dereferencing its namespace
- CVE-2015-7955
* SECURITY UPDATE: out-of-bounds heap memory access
- debian/patches/0010-CVE-2016-1683.patch: special case namespace
nodes in xsltNumberFormatGetMultipleLevel
- CVE-2016-1683
* SECURITY UPDATE: integer overflow
- debian/patches/0011-CVE-2016-1684-1.patch,
debian/patches/0012-CVE-2016-1684-2.patch: add lower and upper
bounds for 'i' and 'a' format tokens
- CVE-2016-1684
* SECURITY UPDATE: use-after-free in xsltDocumentFunctionLoadDocument
- debian/patches/0013-CVE-2016-1841.patch: adjust xmlFree() call
- CVE-2016-1841
* SECURITY UPDATE: heap information leak
- debian/patches/0014-CVE-2016-4738.patch: check for empty
decimal separator.
- CVE-2016-4738
* SECURITY UPDATE: integer overflow in libxslt.
- debian/patches/0015-CVE-2017-5029.patch: limit buffer size in
xsltAddTextString to INT_MAX.
- CVE-2017-5029
* SECURITY UPDATE: double free in hash functions
- 0016-Fix-double-free-in-libexslt-hash-functions-d8862309f0.patch:
remove duplicate free calls
* SECURITY UPDATE: NULL pointer dereference in Saxon
- 0017-Fix-error-handling-in-Saxon-extension-functions-ef7429bb4.patch:
fix error handling in Saxon extension functions
* SECURITY UPDATE: out-of-bounds heap memory access
- 0018-Fix-dyn-map-with-namespace-nodes-93bb3147.patch: use
correct type for namespace nodes in exsltDynMapFunction
* SECURITY UPDATE: out-of-bounds heap read memory access
- 0019-Fix-saxon-line-number-with-namespace-nodes-8b90c9a6.patch:
do not pass namespace "nodes" to xmlGetLineNo
* SECURITY UPDATE: stack-based buffer overflow in exsltDateFormat
- 0020-Fix-buffer-overflow-in-exsltDateFormat-5d0c6565b.patch:
make stack buffer larger
* SECURITY UPDATE: out-of-bounds head read in xsltExtModuleRegisterDynamic
- 0021-Fix-OOB-heap-read-in-xsltExtModuleRegisterDynamic-87c3d9ea.patch:
correct stripping of unwanted characters
-- Steve Beattie <email address hidden> Wed, 26 Apr 2017 16:34:05 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- text
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libxslt_1.1.28.orig.tar.gz | 3.3 MiB | 5fc7151a57b89c03d7b825df5a0fae0a8d5f05674c0e7cf2937ecec4d54a028c |
| libxslt_1.1.28-2ubuntu0.1.debian.tar.gz | 46.7 KiB | a81a86242c2510864b9d71f29ff94882063a9afa292a20485788c03050fb9b23 |
| libxslt_1.1.28-2ubuntu0.1.dsc | 2.4 KiB | 1a4ced31aca0f9a8dcf37fe39f6b99a3d7cc055576fa124835c31312d58d5a12 |
Available diffs
Binary packages built by this source
- libxslt1-dbg: XSLT 1.0 processing library - debugging symbols
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package provides the debugging symbols for the library and for
the xsltproc utility provided by the xsltproc package.
Debugging symbols for the Python modules are not available.
- libxslt1-dev: XSLT 1.0 processing library - development kit
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains the development files for libxslt.
- libxslt1-dev-dbgsym: debug symbols for package libxslt1-dev
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains the development files for libxslt.
- libxslt1.1: XSLT 1.0 processing library - runtime library
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains the libxslt library used by applications for XSLT
transformations.
- libxslt1.1-dbgsym: debug symbols for package libxslt1.1
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains the libxslt library used by applications for XSLT
transformations.
- python-libxslt1: Python bindings for libxslt1
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains Python bindings for libxslt, needed to use
libxslt in Python programs.
- python-libxslt1-dbg: Python bindings for libxslt1 (debug extension)
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains Python bindings for libxslt, needed to use
libxslt in Python programs for use with the Python debug interpreter.
- python-libxslt1-dbgsym: debug symbols for package python-libxslt1
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT stylesheets. libxslt is a C library which
implements XSLT version 1.0.
.
This package contains Python bindings for libxslt, needed to use
libxslt in Python programs.
- xsltproc: XSLT 1.0 command line processor
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT version 1.0 stylesheets.
.
This package contains a command line tool that facilitates XSLT
transformations.
- xsltproc-dbgsym: debug symbols for package xsltproc
XSLT is an XML language for defining transformations of XML files from
XML to some other arbitrary format, such as XML, HTML, plain text, etc.
using standard XSLT version 1.0 stylesheets.
.
This package contains a command line tool that facilitates XSLT
transformations.
