libxslt (1.1.26-8ubuntu1.6) precise-security; urgency=medium

  * SECURITY UPDATE: Uninitialized read
      Fix uninitialized
      read of xsl:number token in libxslt/numbers.c.
    - CVE-2019-13117
  * SECURITY UPDATE: Uninitialized read
      Fix uninitialized
      read with UTF-8 grouping chars in libxslt/numbers.c,
      tests/docs/bug-222.xml, tests/general/bug-222.out,
      tests/general/bug-222.xsl.
    - CVE-2019-13118
  * SECURITY UPDATE: Buffer over-read
      Fix dangling
      pointer in xsltCopyText in libxslt/transform.c.
    - CVE-2019-18197

libxslt (1.1.26-8ubuntu1.5) precise-security; urgency=medium

  * SECURITY UPDATE: Bypass of protection mechanism
    - debian/patches/CVE-2019-11068.patch: Fix security
      framework bypass checking for returns equal or less
      -1 in libxslt/documents.c, libxslt/imports.c,
      libxslt/transform.c,libxslt/xslt.c.
    - CVE-2019-11068

Date: 2019-10-22 14:44:15.610919+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/libxslt/1.1.26-8ubuntu1.6
Sorry, changesfile not available.
-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes

Reply via email to