Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libxslt for openSUSE:Factory checked in at 2025-10-08 18:13:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libxslt (Old) and /work/SRC/openSUSE:Factory/.libxslt.new.11973 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxslt" Wed Oct 8 18:13:31 2025 rev:74 rq:1309625 version:1.1.43 Changes: -------- --- /work/SRC/openSUSE:Factory/libxslt/libxslt.changes 2025-07-20 15:28:39.671049377 +0200 +++ /work/SRC/openSUSE:Factory/.libxslt.new.11973/libxslt.changes 2025-10-08 18:14:26.838217361 +0200 @@ -1,0 +2,8 @@ +Thu Oct 2 13:18:49 UTC 2025 - [email protected] + +- security update +- added patches + CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT + * libxslt-CVE-2025-10911.patch + +------------------------------------------------------------------- New: ---- libxslt-CVE-2025-10911.patch ----------(New B)---------- New: CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT * libxslt-CVE-2025-10911.patch ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxslt.spec ++++++ --- /var/tmp/diff_new_pack.Nklffu/_old 2025-10-08 18:14:27.678252613 +0200 +++ /var/tmp/diff_new_pack.Nklffu/_new 2025-10-08 18:14:27.682252781 +0200 @@ -1,7 +1,7 @@ # # spec file for package libxslt # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -42,6 +42,8 @@ Patch1: libxslt-random-seed.patch # CVE-2025-7424 [bsc#1246360], Type confusion in xmlNode.psvi between stylesheet and source nodes Patch2: libxslt-CVE-2025-7424.patch +# CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT +Patch3: libxslt-CVE-2025-10911.patch BuildRequires: fdupes BuildRequires: gcc BuildRequires: libgcrypt-devel ++++++ libxslt-CVE-2025-10911.patch ++++++ ++++ 682 lines (skipped)
