Ubuntu
libxslt package

Change logs for libxslt source package in Bionic

  1. Bionic (18.04)
  2. Change log 
  • libxslt (1.1.29-5ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Potential heap corruption
    - debian/patches/CVE-2019-5815.patch: always set
      context mode before calling XPath iterators in
      libxslt/numbers.c, test/docs/bug-218.xml,
      tests/general/bug-128.out, tests/geral/bug-218.xsl.
    - CVE-2019-5815
  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2021-30560.patch: fix use after free
      in xsltApplyTemplates in libxslt/transform.c.
    - CVE-2021-30560

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 18 Aug 2022 10:04:19 -0300
  • libxslt (1.1.29-5ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Uninitialized read
    - debian/patches/CVE-2019-13117.patch: Fix uninitialized
      read of xsl:number token in libxslt/numbers.c.
    - CVE-2019-13117
  * SECURITY UPDATE: Uninitialized read
    - debian/patches/CVE-2019-13118.patch: Fix uninitialized
      read with UTF-8 grouping chars in libxslt/numbers.c,
      tests/docs/bug-222.xml, tests/general/bug-222.out,
      tests/general/bug-222.xsl.
    - CVE-2019-13118
  * SECURITY UPDATE: Buffer over-read
    - debian/patches/CVE-2019-18197.patch: Fix dangling
      pointer in xsltCopyText in libxslt/transform.c.
    - CVE-2019-18197

 -- <email address hidden> (Leonidas S. Barbosa)  Tue, 22 Oct 2019 09:52:39 -0300
  • libxslt (1.1.29-5ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Bypass of protection mechanism
    - debian/patches/CVE-2019-11068.patch: Fix security
      framework bypass checking for returns equal or less
      -1 in libxslt/documents.c, libxslt/imports.c,
      libxslt/transform.c,libxslt/xslt.c.
    - CVE-2019-11068

 -- <email address hidden> (Leonidas S. Barbosa)  Fri, 12 Apr 2019 13:56:36 -0300
  • libxslt (1.1.29-5) unstable; urgency=medium

  * Team upload.
  * Refresh patches using Gbp Pq.
  * Add patch from upstream to fix FTBFS in ia64.  Closes: #881818
  * Declare that libxslt can be built without root, R³:no.

 -- Mattia Rizzolo <email address hidden>  Wed, 15 Nov 2017 16:27:00 +0100
  • libxslt (1.1.29-4) unstable; urgency=medium

  * Team upload.
  * Upload to unstable.
  * Add patch from upstream to fix FTBFS with glibc 2.26.  Closes: #880038

 -- Mattia Rizzolo <email address hidden>  Sun, 05 Nov 2017 13:36:40 +0100
  • libxslt (1.1.29-2.1ubuntu1) artful; urgency=medium

  * Add rename build-dependency.
  * Stop unconditionally including xlocale.h header in xsltlocale.h as it
    is no longer shipped by glibc2.26. Ideally existing autoconf checks
    should be used to generate xsltlocale.h with or without xlocale.h
    include. LP: #1715599

 -- Dimitri John Ledkov <email address hidden>  Thu, 07 Sep 2017 11:43:06 +0100