-
libxslt (1.1.29-5ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: Potential heap corruption
- debian/patches/CVE-2019-5815.patch: always set
context mode before calling XPath iterators in
libxslt/numbers.c, test/docs/bug-218.xml,
tests/general/bug-128.out, tests/geral/bug-218.xsl.
- CVE-2019-5815
* SECURITY UPDATE: Use after free
- debian/patches/CVE-2021-30560.patch: fix use after free
in xsltApplyTemplates in libxslt/transform.c.
- CVE-2021-30560
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 18 Aug 2022 10:04:19 -0300
-
libxslt (1.1.29-5ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Uninitialized read
- debian/patches/CVE-2019-13117.patch: Fix uninitialized
read of xsl:number token in libxslt/numbers.c.
- CVE-2019-13117
* SECURITY UPDATE: Uninitialized read
- debian/patches/CVE-2019-13118.patch: Fix uninitialized
read with UTF-8 grouping chars in libxslt/numbers.c,
tests/docs/bug-222.xml, tests/general/bug-222.out,
tests/general/bug-222.xsl.
- CVE-2019-13118
* SECURITY UPDATE: Buffer over-read
- debian/patches/CVE-2019-18197.patch: Fix dangling
pointer in xsltCopyText in libxslt/transform.c.
- CVE-2019-18197
-- <email address hidden> (Leonidas S. Barbosa) Tue, 22 Oct 2019 09:52:39 -0300
-
libxslt (1.1.29-5ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Bypass of protection mechanism
- debian/patches/CVE-2019-11068.patch: Fix security
framework bypass checking for returns equal or less
-1 in libxslt/documents.c, libxslt/imports.c,
libxslt/transform.c,libxslt/xslt.c.
- CVE-2019-11068
-- <email address hidden> (Leonidas S. Barbosa) Fri, 12 Apr 2019 13:56:36 -0300
-
libxslt (1.1.29-5) unstable; urgency=medium
* Team upload.
* Refresh patches using Gbp Pq.
* Add patch from upstream to fix FTBFS in ia64. Closes: #881818
* Declare that libxslt can be built without root, R³:no.
-- Mattia Rizzolo <email address hidden> Wed, 15 Nov 2017 16:27:00 +0100
-
libxslt (1.1.29-4) unstable; urgency=medium
* Team upload.
* Upload to unstable.
* Add patch from upstream to fix FTBFS with glibc 2.26. Closes: #880038
-- Mattia Rizzolo <email address hidden> Sun, 05 Nov 2017 13:36:40 +0100
-
libxslt (1.1.29-2.1ubuntu1) artful; urgency=medium
* Add rename build-dependency.
* Stop unconditionally including xlocale.h header in xsltlocale.h as it
is no longer shipped by glibc2.26. Ideally existing autoconf checks
should be used to generate xsltlocale.h with or without xlocale.h
include. LP: #1715599
-- Dimitri John Ledkov <email address hidden> Thu, 07 Sep 2017 11:43:06 +0100