Date: Sun, 19 Jun 2016 10:37:09 +0000 From: bugzilla-noreply@freebsd.org To: gnome@FreeBSD.org Subject: [Bug 210298] textproc/libxslt: Update to 1.1.29 Message-ID: <bug-210298-6497-zZ9PzWPa1k@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-210298-6497@https.bugs.freebsd.org/bugzilla/> References: <bug-210298-6497@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D210298 --- Comment #5 from Vladimir Krstulja <vlad-fbsd@acheronmedia.com> --- Two new CVEs are apparently fixed in 1.1.29: * CVE-2016-1683 https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2016-1683 numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly ha= ve unspecified other impact via a crafted document. * CVE-2016-1684 https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2016-1684 =20 https://git.gnome.org/browse/libxslt/commit/libxslt/numbers.c?id=3D91d0540a= c9beaa86719a05b749219a69baa0dd8d=20 numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allo= ws remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted docume= nt. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-210298-6497-zZ9PzWPa1k>