ubuntu/+source/libxslt:ubuntu/lucid-security

Last commit made on 2013-04-02
Get this branch:
git clone -b ubuntu/lucid-security https://git.launchpad.net/ubuntu/+source/libxslt
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/lucid-security
Repository:
lp:ubuntu/+source/libxslt

Recent commits

0a81581... by Marc Deslauriers on 2013-03-28

Import patches-unapplied version 1.1.26-1ubuntu1.2 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 36a47951304f45d24f8c59c6004fb44a4d9827b9

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed stylesheet
    - libxslt/functions.c, libxslt/keys.c: check for empty values
      tests/*: add tests
    - dc11b6b379a882418093ecc8adf11f6166682e8d
    - 6c99c519d97e5fcbec7a9537d190efb442e4e833
    - CVE-2012-6139

36a4795... by Marc Deslauriers on 2012-09-28

Import patches-unapplied version 1.1.26-1ubuntu1.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 836acc3ad550b3e7affe573314f0fe4227bf2d43

New changelog entries:
  * SECURITY UPDATE: information disclosure via generate-id XPath function
    - libxslt/functions.c: do not expose object addresses directly.
    - ecb6bcb8d1b7e44842edde3929f412d46b40c89f
    - CVE-2011-1202
  * SECURITY UPDATE: denial of service via out-of-bounds read
    - libxslt/pattern.c: fix improper loop exit.
    - fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b
    - CVE-2011-3970
  * SECURITY UPDATE: denial of service via out-of-bounds read
    - libxslt/xsltutils.h: check for XML_ELEMENT_NODE
    - e6a0bc8081271f33b9899eb78e1da1a2a0428419
    - CVE-2012-2825
  * SECURITY UPDATE: denial of service via crafted XSLT expression
    - harden code in libexslt/functions.c, libxslt/attributes.c,
      libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c,
      libxslt/templates.c, libxslt/transform.c, libxslt/variables.c,
      libxslt/xslt.c, libxslt/xsltutils.c.
    - 8566ab4a10158d195adb5f1f61afe1ee8bfebd12
    - 4da0f7e207f14a03daad4663865c285eb27f93e9
    - 24653072221e76d2f1f06aa71225229b532f8946
    - 1564b30e994602a95863d9716be83612580a2fed
    - CVE-2012-2870
  * SECURITY UPDATE: denial of service and possible code execution during
    handling of XSL transforms
    - libxslt/transform.c: check for XML_NAMESPACE_DECL
    - 937ba2a3eb42d288f53c8adc211bd1122869f0bf
    - CVE-2012-2871
  * SECURITY UPDATE: denial of service and possible code execution via
    double free during XSL transforms
    - libxslt/templates.c: Fix dictionary string usage
    - 54977ed7966847e305a2008cb18892df26eeb065
    - CVE-2012-2893

836acc3... by Matthias Klose on 2010-01-19

Import patches-unapplied version 1.1.26-1ubuntu1 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 51372c6085e5ac43df6f91486ab3d6f056461258

New changelog entries:
  * Merge with Debian; remaining changes:
    Build a python-libxslt1-dbg package.

51372c6... by Mike Hommey <email address hidden> on 2009-09-25

Import patches-unapplied version 1.1.26-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b7a629f313b7b2265baf223b5355eea77810b577

New changelog entries:
  * New upstream release.
    + Allow both --xinclude and --output options at the same time in xsltproc.
      Closes: #497585.

b7a629f... by Mike Hommey <email address hidden> on 2008-08-03

Import patches-unapplied version 1.1.24-2 to debian/lenny

Imported using git-ubuntu import.