Univention Bugzilla – Bug 41560
libxslt: Multiple issues (4.1)
Last modified: 2016-09-21 21:27:39 CEST
The following issues have been fixed in the upstream Debian package version 1.1.26-14.1+deb7u1: * The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent nonfusion" issue. (CVE-2015-7995) * numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles nssibly have unspecified other impact via a crafted document. (CVE-2016-1683) * numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles t or resource consumption) or possibly have unspecified other impact via a crafted document. (CVE-2016-1684)
Tests (i386): OK Advisory: libxslt.yaml
Verified: * 1.1.26-14.1+deb7u1 imported and built * No UCS 4.x patches * Package update Ok (amd64) * Advisory Ok
<http://errata.software-univention.de/ucs/4.1/251.html>