ubuntu/+source/libxslt:ubuntu/hardy-security

Last commit made on 2013-04-02
Get this branch:
git clone -b ubuntu/hardy-security https://git.launchpad.net/ubuntu/+source/libxslt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/hardy-security
Repository:
lp:ubuntu/+source/libxslt

Recent commits

e4d60a3... by Marc Deslauriers on 2013-03-28

Import patches-unapplied version 1.1.22-1ubuntu1.4 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: e40afb96b4d9352d242a5b1bdd231a6072a0fe15

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed stylesheet
    - libxslt/functions.c, libxslt/keys.c: check for empty values
      tests/*: add tests
    - dc11b6b379a882418093ecc8adf11f6166682e8d
    - 6c99c519d97e5fcbec7a9537d190efb442e4e833
    - CVE-2012-6139

e40afb9... by Marc Deslauriers on 2012-09-28

Import patches-unapplied version 1.1.22-1ubuntu1.3 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 06fef164b5ecae48d457302f9855bf2c57649c5a

New changelog entries:
  * SECURITY UPDATE: information disclosure via generate-id XPath function
    - libxslt/functions.c: do not expose object addresses directly.
    - ecb6bcb8d1b7e44842edde3929f412d46b40c89f
    - CVE-2011-1202
  * SECURITY UPDATE: denial of service via out-of-bounds read
    - libxslt/pattern.c: fix improper loop exit.
    - fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b
    - CVE-2011-3970
  * SECURITY UPDATE: denial of service via out-of-bounds read
    - libxslt/xsltutils.h: check for XML_ELEMENT_NODE
    - e6a0bc8081271f33b9899eb78e1da1a2a0428419
    - CVE-2012-2825
  * SECURITY UPDATE: denial of service via crafted XSLT expression
    - harden code in libexslt/functions.c, libxslt/attributes.c,
      libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c,
      libxslt/templates.c, libxslt/transform.c, libxslt/variables.c,
      libxslt/xslt.c, libxslt/xsltutils.c.
    - 8566ab4a10158d195adb5f1f61afe1ee8bfebd12
    - 4da0f7e207f14a03daad4663865c285eb27f93e9
    - 24653072221e76d2f1f06aa71225229b532f8946
    - 1564b30e994602a95863d9716be83612580a2fed
    - CVE-2012-2870
  * SECURITY UPDATE: denial of service and possible code execution during
    handling of XSL transforms
    - libxslt/transform.c: check for XML_NAMESPACE_DECL
    - 937ba2a3eb42d288f53c8adc211bd1122869f0bf
    - CVE-2012-2871
  * SECURITY UPDATE: denial of service and possible code execution via
    double free during XSL transforms
    - libxslt/templates.c: Fix dictionary string usage
    - 54977ed7966847e305a2008cb18892df26eeb065
    - CVE-2012-2893

06fef16... by Kees Cook on 2008-08-01

Import patches-unapplied version 1.1.22-1ubuntu1.2 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: ccacbfee83ada3fc5503abdacaaafc56c68965c7

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long transformation.
  * libxslt/pattern.c: upstream fixes, thanks to Steve Kemp.
  * debian/rules: enable test suite.
  * References
    CVE-2008-1767

ccacbfe... by Kees Cook on 2008-07-31

Import patches-unapplied version 1.1.22-1ubuntu1.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: f308507aa80afc06132c5e343713febafe9306c5

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via RC4 functions.
  * libexslt/crypto.c: upstream fixes, thanks to Moritz Muehlenhoff.
  * References
    CVE-2008-2935

f308507... by Sebastien Bacher on 2007-11-19

Import patches-unapplied version 1.1.22-1ubuntu1 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 2a805a242e4c3c489938dbc5d1024097c6edec06

New changelog entries:
  * Merge from debian unstable, remaining changes:
    - Build a python-libxslt1-dbg package.
  * New upstream release.

2a805a2... by Matthias Klose on 2007-08-09

Import patches-unapplied version 1.1.21-2ubuntu2 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 55fe48173ec499b379016b159f8b464cda19e1eb

New changelog entries:
  * Merge from Debian; remaining changes:
    - Build a python-libxslt1-dbg package.
  * libxslt/xslt.c: Removed the exclude-result-prefix change making some
    transformations crash. This reversal has also been done upstream.
    Closes: #434300.

55fe481... by Matthias Klose on 2007-06-14

Import patches-unapplied version 1.1.21-1ubuntu1 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 1f27b92dd35cfd4153d76acdc5572c8056ffc41a

New changelog entries:
  * Merge from Debian; remaining changes:
    - Build a python-libxslt1-dbg package.
  * New upstream release.
  * debian/rules: Leave shlibs version to >= 1.1.18: no new symbols.

1f27b92... by Matthias Klose on 2007-05-18

Import patches-unapplied version 1.1.20-1ubuntu1 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: e81c37757ce8bfc792855d8fcbc31b60a905dc44

New changelog entries:
  * Merge with Debian; remaining changes:
    - Build a python-libxslt1-dbg package.
  * New upstream release.
  * debian/rules: Leave shlibs version to >= 1.1.18, since the only added
    symbols are not supposed to be used (i.e. documented as such), but are
    necessary for libexslt.

e81c377... by Matthias Klose on 2007-02-18

Import patches-unapplied version 1.1.20-0ubuntu2 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 392b2831649892c90b2ca31dd1019976455b50ab

New changelog entries:
  * Build a python-libxslt1-dbg package.
  * Set Ubuntu maintainer address.

392b283... by Daniel Holbach on 2007-01-24

Import patches-unapplied version 1.1.20-0ubuntu1 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 5bd0262376581068ec2749af431a8d43b7efb47b

New changelog entries:
  * New upstream release.
  * debian/rules:
    - bumped shlibs, new interfaces added.