[ubuntu/plucky-proposed] libxslt 1.1.39-0exp1ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Mar 19 17:36:25 UTC 2025
libxslt (1.1.39-0exp1ubuntu4) plucky; urgency=medium
* SECURITY UPDATE: use-after-free via nested XPath evaluations
- debian/patches/CVE-2025-24855.patch: properly handle XPath context
nodes and transformation context nodes in libxslt/numbers.c,
libxslt/templates.c, libxslt/xsltutils.c.
- CVE-2025-24855
Date: Wed, 19 Mar 2025 12:45:49 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libxslt/1.1.39-0exp1ubuntu4
-------------- next part --------------
Format: 1.8
Date: Wed, 19 Mar 2025 12:45:49 -0400
Source: libxslt
Built-For-Profiles: noudeb
Architecture: source
Version: 1.1.39-0exp1ubuntu4
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
libxslt (1.1.39-0exp1ubuntu4) plucky; urgency=medium
.
* SECURITY UPDATE: use-after-free via nested XPath evaluations
- debian/patches/CVE-2025-24855.patch: properly handle XPath context
nodes and transformation context nodes in libxslt/numbers.c,
libxslt/templates.c, libxslt/xsltutils.c.
- CVE-2025-24855
Checksums-Sha1:
c905c160fb80f12b50c535a8324f5213b0926565 2275 libxslt_1.1.39-0exp1ubuntu4.dsc
6c276b0bd90200684562684e8ed42b7b3be306e9 23540 libxslt_1.1.39-0exp1ubuntu4.debian.tar.xz
a5fff88e7a4b042793e38ea79a2a0baabaa877d7 6422 libxslt_1.1.39-0exp1ubuntu4_source.buildinfo
Checksums-Sha256:
1e7f7d42e0893526c707b4ffa23c4e0d9ddfc5a610513114d7d3070cc0048515 2275 libxslt_1.1.39-0exp1ubuntu4.dsc
d90f2c26d7f2d2bb2c2621552e4934f6239f69503206ff91bc21f3b7441bc2b7 23540 libxslt_1.1.39-0exp1ubuntu4.debian.tar.xz
ada8d4b9f2f4a8ab048e032a80ab83a8f88ccdcfaa2b91177773c27a2aaeeaf2 6422 libxslt_1.1.39-0exp1ubuntu4_source.buildinfo
Files:
27f0630735e7670b3fdbfa8a9fa3b4e1 2275 text optional libxslt_1.1.39-0exp1ubuntu4.dsc
24b38304ac83737293cde09efa5f8ae1 23540 text optional libxslt_1.1.39-0exp1ubuntu4.debian.tar.xz
4bbaca8aa8a44c9f5eee0696b0af6a06 6422 text optional libxslt_1.1.39-0exp1ubuntu4_source.buildinfo
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs at lists.alioth.debian.org>
More information about the plucky-changes
mailing list