Ubuntu
libxslt package

lp:ubuntu/natty-security/libxslt

Natty (11.04)
natty-security

Created by Ubuntu Package Importer on 2012-10-04 and last modified on 2012-10-04

Get this branch:: bzr branch lp:ubuntu/natty-security/libxslt

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

23. By Marc Deslauriers on 2012-09-28: * SECURITY UPDATE: information disclosure via generate-id XPath function
  - libxslt/functions.c: do not expose object addresses directly.
  - ecb6bcb8d1b7e44842edde3929f412d46b40c89f
  - CVE-2011-1202
* SECURITY UPDATE: denial of service via out-of-bounds read
  - libxslt/pattern.c: fix improper loop exit.
  - fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b
  - CVE-2011-3970
* SECURITY UPDATE: denial of service via out-of-bounds read
  - libxslt/xsltutils.h: check for XML_ELEMENT_NODE
  - e6a0bc8081271f33b9899eb78e1da1a2a0428419
  - CVE-2012-2825
* SECURITY UPDATE: denial of service via crafted XSLT expression
  - harden code in libexslt/functions.c, libxslt/attributes.c,
    libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c,
    libxslt/templates.c, libxslt/transform.c, libxslt/variables.c,
    libxslt/xslt.c, libxslt/xsltutils.c.
  - 8566ab4a10158d195adb5f1f61afe1ee8bfebd12
  - 4da0f7e207f14a03daad4663865c285eb27f93e9
  - 24653072221e76d2f1f06aa71225229b532f8946
  - 1564b30e994602a95863d9716be83612580a2fed
  - CVE-2012-2870
* SECURITY UPDATE: denial of service and possible code execution during
  handling of XSL transforms
  - libxslt/transform.c: check for XML_NAMESPACE_DECL
  - 937ba2a3eb42d288f53c8adc211bd1122869f0bf
  - CVE-2012-2871
* SECURITY UPDATE: denial of service and possible code execution via
  double free during XSL transforms
  - libxslt/templates.c: Fix dictionary string usage
  - 54977ed7966847e305a2008cb18892df26eeb065
  - CVE-2012-2893
22. By Martin Pitt on 2010-12-03: No-change upload to drop upstream changelog.
21. By Mike Hommey <email address hidden> on 2010-08-26: debian/python-libxslt1-dbg.preinst: Add preinst snippet to remove
/usr/share/doc/python-libxslt1-dbg symlink on Ubuntu. This is an
Ubuntu-only fix, but allows Ubuntu to just use the Debian package
without further modifications.
Closes: #587910
20. By Matthias Klose on 2010-01-19: Merge with Debian; remaining changes:
Build a python-libxslt1-dbg package.
19. By Matthias Klose on 2009-02-22: Build for python2.6.
18. By Michael Vogt on 2008-11-13: * Merge from debian unstable, remaining changes:
- build a python-libxslt1-dbg package.
17. By Jamie Strandboge on 2008-09-04: * SECURITY UPDATE: arbitrary code execution via RC4 functions.
* libexslt/crypto.c: upstream fixes, thanks to Moritz Muehlenhoff.
* References
CVE-2008-2935
16. By Sebastien Bacher on 2008-06-23: * merge from debian, remaining ubuntu changes:
- build a python-libxslt1-dbg package.
15. By Sebastien Bacher on 2007-11-19: * Merge from debian unstable, remaining changes:
- Build a python-libxslt1-dbg package.
14. By Matthias Klose on 2007-08-09: * Merge from Debian; remaining changes:
- Build a python-libxslt1-dbg package.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/quantal/libxslt

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntulibxslt package