On Sun, May 25, 2008 at 01:16:26AM +1000, Steffen Joeris wrote: > Hi Mike > > On Sun, 25 May 2008 01:01:52 am Mike Hommey wrote: > > On Sat, May 24, 2008 at 08:16:05PM +1000, Steffen Joeris wrote: > > > Package: libxslt1.1 > > > Version: 1.1.23-1 > > > Severity: grave > > > Tags: security, patch > > > Justification: user security hole > > > > > > Hi > > > > > > The following CVE(0) has been issued against libxslt. > > > > > > CVE-2008-1767: > > > > > > Buffer overflow in pattern.c in libxslt before 1.1.24 allows > > > context-dependent attackers to cause a denial of service (crash) and > > > possibly execute arbitrary code via an XSL style sheet file with a long > > > XSLT "transformation match" condition that triggers a large number of > > > steps. > > > > > > Upstream patch is attached. > > > > > > Please mention the CVE id in your changelog, when you fix this bug. > > > > I haven't had time to take a deep look at the issue. Anyways, uploading > > 1.1.24 in unstable (which was planned) should fix this. Is an update > > for stable required ? Or is the security team already working on it? > Thanks for your efforts. > Depending on how stable the new upstream release is, maybe it could be > uploaded with a higher urgency. For the testing-security team, it would be > great to get that bug fixed in testing.
Actually, the new release is much better than the version currently in testing, which has a broken support for xslt keys. Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
