Project

General

Profile

Bug #1755

Multiple Vulnerabilities in libxslt <= 1.1.27 allows remote denial of service

Added by Leonardo Arena about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Category:
Security
Target version:
Start date:
04/05/2013
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139
https://bugzilla.gnome.org/show_bug.cgi?id=685328

A read at NULL occurs in SKIP_BLANKS when an invalid "use" parameter is given to "xsl:key"

Patch: https://git.gnome.org/browse/libxslt/patch/?id=dc11b6b379a882418093ecc8adf11f6166682e8d

https://bugzilla.gnome.org/show_bug.cgi?id=685330

Patch: https://git.gnome.org/browse/libxslt/patch/?id=6c99c519d97e5fcbec7a9537d190efb442e4e833

A read near NULL occurs in xsltDocumentFunction() when an uninitialized variable is used as a parameter to the document() function


Subtasks

Bug #1756: Multiple Vulnerabilities in libxslt <= 1.1.27 allows remote denial of serviceClosed

Bug #1757: Multiple Vulnerabilities in libxslt <= 1.1.27 allows remote denial of serviceClosed

Bug #1758: Multiple Vulnerabilities in libxslt <= 1.1.27 allows remote denial of serviceClosed

Bug #1759: Multiple Vulnerabilities in libxslt <= 1.1.27 allows remote denial of serviceClosed

Associated revisions

Revision d6422a55 (diff)
Added by Natanael Copa about 6 years ago

main/libxslt: upgrade to 1.1.28 (CVE-2012-6139)

fixes #1755

History

#1 Updated by Natanael Copa about 6 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Natanael Copa about 6 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed

Also available in: Atom PDF