[xml/sgml-pkgs] Bug#482664: Bug#482664: CVE-2008-1767: buffver overflow in pattern.c
Steffen Joeris
steffen.joeris at skolelinux.de
Sat May 24 15:16:26 UTC 2008
Hi Mike
On Sun, 25 May 2008 01:01:52 am Mike Hommey wrote:
> On Sat, May 24, 2008 at 08:16:05PM +1000, Steffen Joeris wrote:
> > Package: libxslt1.1
> > Version: 1.1.23-1
> > Severity: grave
> > Tags: security, patch
> > Justification: user security hole
> >
> > Hi
> >
> > The following CVE(0) has been issued against libxslt.
> >
> > CVE-2008-1767:
> >
> > Buffer overflow in pattern.c in libxslt before 1.1.24 allows
> > context-dependent attackers to cause a denial of service (crash) and
> > possibly execute arbitrary code via an XSL style sheet file with a long
> > XSLT "transformation match" condition that triggers a large number of
> > steps.
> >
> > Upstream patch is attached.
> >
> > Please mention the CVE id in your changelog, when you fix this bug.
>
> I haven't had time to take a deep look at the issue. Anyways, uploading
> 1.1.24 in unstable (which was planned) should fix this. Is an update
> for stable required ? Or is the security team already working on it?
Thanks for your efforts.
Depending on how stable the new upstream release is, maybe it could be
uploaded with a higher urgency. For the testing-security team, it would be
great to get that bug fixed in testing.
cc'ing the stable-security team for reaching a decision on stable.
Cheers
Steffen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/debian-xml-sgml-pkgs/attachments/20080525/cf1bfebc/attachment.pgp
More information about the debian-xml-sgml-pkgs
mailing list