#12209: Fix CVE-2019-11068 in libxslt (Security Framework Bypass)
-------------------------+------------------------
 Reporter:  renodr       |       Owner:  blfs-book
     Type:  enhancement  |      Status:  new
 Priority:  high         |   Milestone:  9.0
Component:  BOOK         |     Version:  SVN
 Severity:  normal       |  Resolution:
 Keywords:               |
-------------------------+------------------------
Description changed by bdubbs:

Old description:

> I noticed a Debian Security Update for this on one of my debian machines,
> and thought it was worth a look into. After finding it, I came across
> this:
>
> [https://nvd.nist.gov/vuln/detail/CVE-2019-11068]
>
> {{{
> libxslt through 1.1.33 allows bypass of a protection mechanism because
> callers of xsltCheckRead and xsltCheckWrite permit access even upon
> receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL
> that is not actually invalid and is subsequently loaded.
> }}}
>
> We need to apply the following commit:
>
> [https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6]
>
> The rest of the commits in the libxslt repo from the release of
> libxslt-1.1.33 onwards seem to be security-related, though, so we might
> just want to create a consolidated patch. Mostly integer overflows, it
> looks like.

New description:

 I noticed a Debian Security Update for this on one of my debian machines,
 and thought it was worth a look into. After finding it, I came across
 this:

 [https://nvd.nist.gov/vuln/detail/CVE-2019-11068]

 {{{
 libxslt through 1.1.33 allows bypass of a protection mechanism because
 callers of xsltCheckRead and xsltCheckWrite permit access even upon
 receiving a -1 error code. xsltCheckRead can return -1 for a crafted
 URL that is not actually invalid and is subsequently loaded.
 }}}

 We need to apply the following commit:

 [https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6]

 The rest of the commits in the libxslt repo from the release of
 libxslt-1.1.33 onwards seem to be security-related, though, so we might
 just want to create a consolidated patch. Mostly integer overflows, it
 looks like.

--

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12209#comment:2>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
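Editor's added example, not libxslt code and not part of the ticket: a small C model of the bug class the CVE text describes, a tri-state access check (allow / deny / error) whose callers test only for the deny value, so an error result is treated as permission. The function names (`check_read`, `vulnerable_caller_loads`, `fixed_caller_loads`), the URL policy and the sample URLs are hypothetical; they are not the real xsltCheckRead logic or the exact change in the linked commit.

```c
/* Added example: models the return-value mishandling described by
 * CVE-2019-11068 ("callers ... permit access even upon receiving a -1 error
 * code"). All names and the URL policy below are hypothetical, not libxslt's. */
#include <stdio.h>
#include <string.h>

/* Tri-state result, as the CVE text implies: 1 = allowed, 0 = denied,
 * -1 = the check could not classify the URL (an error, not a verdict). */
enum { ACCESS_ERROR = -1, ACCESS_DENIED = 0, ACCESS_ALLOWED = 1 };

static int has_prefix(const char *s, const char *p)
{
    return strncmp(s, p, strlen(p)) == 0;
}

/* Hypothetical policy: local files under /srv/xslt/ are allowed, other
 * file: and http: URLs are denied, and a scheme the checker does not
 * understand is reported as an error (-1). The loader downstream may
 * still be perfectly able to fetch such a URL, which is the point. */
int check_read(const char *url)
{
    if (url == NULL)
        return ACCESS_ERROR;
    if (has_prefix(url, "file:///srv/xslt/"))
        return ACCESS_ALLOWED;
    if (has_prefix(url, "file://") || has_prefix(url, "http://"))
        return ACCESS_DENIED;
    return ACCESS_ERROR;            /* unknown or unparsable URL */
}

/* Vulnerable caller pattern: only an explicit 0 blocks the load, so the
 * -1 error path falls through and the document is loaded anyway.
 * Returns 1 if the caller would load the URL, 0 if it refuses. */
int vulnerable_caller_loads(const char *url)
{
    if (check_read(url) == 0)       /* == ACCESS_DENIED only */
        return 0;
    return 1;                       /* ALLOWED and ERROR both end up here */
}

/* Fixed caller: fail closed. Anything other than an explicit allow,
 * including the error code, refuses the load. */
int fixed_caller_loads(const char *url)
{
    if (check_read(url) != ACCESS_ALLOWED)
        return 0;
    return 1;
}

/* Defence in depth: the check itself can refuse to hand out a third state.
 * Collapsing error into deny means even a caller that tests "== 0" is safe. */
int check_read_failclosed(const char *url)
{
    int rc = check_read(url);
    return rc == ACCESS_ALLOWED ? ACCESS_ALLOWED : ACCESS_DENIED;
}

int main(void)
{
    /* Constructed sample URLs; the third one exercises the -1 path. */
    const char *samples[] = {
        "file:///srv/xslt/a.xml",
        "http://example.invalid/x.xml",
        "mystery:///etc/passwd",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("%-30s check=%2d vulnerable_loads=%d fixed_loads=%d\n",
               samples[i], check_read(samples[i]),
               vulnerable_caller_loads(samples[i]),
               fixed_caller_loads(samples[i]));
    }
    return 0;
}
```

When auditing a patch like the linked commit, the things to confirm are exactly these two: that every caller of the check now treats the error return as a refusal, and, preferably, that the check function no longer exposes a third state that a future caller could mishandle.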