Information on source package libxslt

Available versions

ReleaseVersion
jessie1.1.28-2+deb8u3
jessie (security)1.1.28-2+deb8u4
stretch1.1.29-2.1
buster1.1.32-2
sid1.1.32-2

Open issues

BugjessiestretchbustersidDescription
CVE-2019-11068fixedvulnerable (no DSA)vulnerablevulnerablelibxslt through 1.1.33 allows bypass of a protection mechanism because ...
CVE-2017-2477undeterminedundeterminedundeterminedundeterminedAn issue was discovered in certain Apple products. macOS before 10.12. ...
CVE-2016-4610undeterminedundeterminedundeterminedundeterminedlibxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
CVE-2016-4609undeterminedundeterminedundeterminedundeterminedlibxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
CVE-2016-4608undeterminedundeterminedundeterminedundeterminedlibxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
CVE-2016-4607undeterminedundeterminedundeterminedundeterminedlibxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2015-9019vulnerablevulnerablevulnerablevulnerableIn libxslt 1.1.29 and earlier, the EXSLT math.random function was not ...

Resolved issues

BugDescription
TEMP-0000000-481246libxslt segfault / DoS
CVE-2017-5029The xsltAddTextString function in transform.c in libxslt 1.1.29, as us ...
CVE-2016-4738libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and ...
CVE-2016-1841libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...
CVE-2016-1684numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51 ...
CVE-2016-1683numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51 ...
CVE-2015-7995The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does n ...
CVE-2013-4520xslt.c in libxslt before 1.1.25 allows context-dependent attackers to ...
CVE-2013-2902Use-after-free vulnerability in the XSLT ProcessingInstruction impleme ...
CVE-2012-6139libxslt before 1.1.28 allows remote attackers to cause a denial of ser ...
CVE-2012-2893Double free vulnerability in libxslt, as used in Google Chrome before ...
CVE-2012-2871libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.11 ...
CVE-2012-2870libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180. ...
CVE-2012-2825The XSL implementation in Google Chrome before 20.0.1132.43 allows rem ...
CVE-2011-3970libxslt, as used in Google Chrome before 17.0.963.46, allows remote at ...
CVE-2011-1202The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 a ...
CVE-2008-2935Multiple heap-based buffer overflows in the rc4 (1) encryption (aka ex ...
CVE-2008-1767Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-d ...

Security announcements

DSA / DLADescription
DLA-1756-1libxslt - security update
DLA-866-1libxslt - security update
DSA-3709-1libxslt - security update
DLA-700-1libxslt - security update
DSA-3605-1libxslt - security update
DLA-514-1libxslt - security update
DSA-2654-1libxslt - denial of service
DSA-2555-1libxslt - several
DSA-1624-1libxslt - arbitrary code execution
DSA-1589-1libxslt - arbitrary code execution

Search for package or bug name: Reporting problems