Bug 41560

Summary: libxslt: Multiple issues (4.1)
Product: UCS
Reporter: Arvid Requate <requate>
Component: Security updates
Assignee: Janek Walkenhorst <walkenhorst>
Status: CLOSED FIXED
QA Contact: Arvid Requate <requate>
Severity: normal
Priority: P5
CC: gohmann
Version: UCS 4.1
Flags: requate: Patch_Available+
Target Milestone: UCS 4.1-3-errata
Hardware: Other
OS: Linux
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:
Bug Depends on:
Bug Blocks: 41561

Description Arvid Requate univentionstaff 2016-06-14 13:31:24 CEST
The following issues have been fixed in the upstream Debian package version 1.1.26-14.1+deb7u1:

* The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent nonfusion" issue. (CVE-2015-7995)

* numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles nssibly have unspecified other impact via a crafted document. (CVE-2016-1683)

* numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles t or resource consumption) or possibly have unspecified other impact via a crafted document. (CVE-2016-1684)
Comment 1 Janek Walkenhorst univentionstaff 2016-08-26 15:25:28 CEST
Tests (i386): OK
Advisory: libxslt.yaml
Comment 2 Arvid Requate univentionstaff 2016-09-05 19:00:37 CEST
Verified:
* 1.1.26-14.1+deb7u1 imported and built
* No UCS 4.x patches
* Package update Ok (amd64)
* Advisory Ok
Comment 3 Janek Walkenhorst univentionstaff 2016-09-07 18:41:42 CEST
<http://errata.software-univention.de/ucs/4.1/251.html>