Parent Directory | Revision Log
MGASA-2019-0175: libxslt-1.1.29-6.1.mga6
1 | davidwhodgins | 8550 | type: security |
2 | subject: Updated libxslt packages fix security vulnerability | ||
3 | CVE: | ||
4 | - CVE-2019-11068 | ||
5 | src: | ||
6 | 6: | ||
7 | core: | ||
8 | - libxslt-1.1.29-6.1.mga6 | ||
9 | description: | | ||
10 | libxslt through 1.1.33 allows bypass of a protection mechanism because | ||
11 | callers of xsltCheckRead and xsltCheckWrite permit access even upon | ||
12 | receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL | ||
13 | that is not actually invalid and is subsequently loaded (CVE-2019-11068). | ||
14 | references: | ||
15 | - https://bugs.mageia.org/show_bug.cgi?id=24705 | ||
16 | - https://usn.ubuntu.com/usn/usn-3947-1 | ||
17 | tmb | 8555 | ID: MGASA-2019-0175 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |