[xml/sgml-pkgs] Bug#679283: CVE-2012-2825
Moritz Muehlenhoff
muehlenhoff at univention.de
Wed Jun 27 15:20:15 UTC 2012
Package: libxslt
Severity: grave
Tags: security
The Chrome developers found a denial of service issue in the embedded copy of
libxslt, which has been assigned CVE-2012-2825:
http://googlechromereleases.blogspot.de/2012/06/stable-channel-update_26.html:
[$500] [127417] Medium CVE-2012-2825: Wild read in XSL handling. Credit to Nicholas Gregoire.
This is fixed by the following commit:
http://git.chromium.org/gitweb/?p=chromium/src.git;a=patch;h=bb7bfb81c158268fb242292b7e0fbd2d3b933d09
Cheers,
Moritz
More information about the debian-xml-sgml-pkgs
mailing list