lp:ubuntu/natty-security/libxslt
- Get this branch:
- bzr branch lp:ubuntu/natty-security/libxslt
Branch merges
Branch information
Recent revisions
- 23. By Marc Deslauriers
-
* SECURITY UPDATE: information disclosure via generate-id XPath function
- libxslt/functions. c: do not expose object addresses directly.
- ecb6bcb8d1b7e44842edde3929f412 d46b40c89f
- CVE-2011-1202
* SECURITY UPDATE: denial of service via out-of-bounds read
- libxslt/pattern.c: fix improper loop exit.
- fe5a4fa33eb85bce3253ed3742b1ea 6c4b59b41b
- CVE-2011-3970
* SECURITY UPDATE: denial of service via out-of-bounds read
- libxslt/xsltutils. h: check for XML_ELEMENT_NODE
- e6a0bc8081271f33b9899eb78e1da1 a2a0428419
- CVE-2012-2825
* SECURITY UPDATE: denial of service via crafted XSLT expression
- harden code in libexslt/functions. c, libxslt/ attributes. c,
libxslt/functions. c, libxslt/pattern.c, libxslt/preproc.c,
libxslt/templates. c, libxslt/ transform. c, libxslt/ variables. c,
libxslt/xslt.c, libxslt/xsltutils. c.
- 8566ab4a10158d195adb5f1f61afe1 ee8bfebd12
- 4da0f7e207f14a03daad4663865c28 5eb27f93e9
- 24653072221e76d2f1f06aa7122522 9b532f8946
- 1564b30e994602a95863d9716be836 12580a2fed
- CVE-2012-2870
* SECURITY UPDATE: denial of service and possible code execution during
handling of XSL transforms
- libxslt/transform. c: check for XML_NAMESPACE_DECL
- 937ba2a3eb42d288f53c8adc211bd1 122869f0bf
- CVE-2012-2871
* SECURITY UPDATE: denial of service and possible code execution via
double free during XSL transforms
- libxslt/templates. c: Fix dictionary string usage
- 54977ed7966847e305a2008cb18892 df26eeb065
- CVE-2012-2893 - 21. By Mike Hommey <email address hidden>
-
debian/
python- libxslt1- dbg.preinst: Add preinst snippet to remove
/usr/share/doc/python- libxslt1- dbg symlink on Ubuntu. This is an
Ubuntu-only fix, but allows Ubuntu to just use the Debian package
without further modifications.
Closes: #587910 - 18. By Michael Vogt
-
* Merge from debian unstable, remaining changes:
- build a python-libxslt1-dbg package. - 17. By Jamie Strandboge
-
* SECURITY UPDATE: arbitrary code execution via RC4 functions.
* libexslt/crypto.c: upstream fixes, thanks to Moritz Muehlenhoff.
* References
CVE-2008-2935 - 16. By Sebastien Bacher
-
* merge from debian, remaining ubuntu changes:
- build a python-libxslt1-dbg package. - 15. By Sebastien Bacher
-
* Merge from debian unstable, remaining changes:
- Build a python-libxslt1-dbg package. - 14. By Matthias Klose
-
* Merge from Debian; remaining changes:
- Build a python-libxslt1-dbg package.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/quantal/libxslt