Debian Bug report logs -
#942646
libxslt: CVE-2019-18197
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 19 Oct 2019 12:06:02 UTC
Severity: important
Tags: security, upstream
Found in versions libxslt/1.1.32-1, libxslt/1.1.32-2.1~deb10u1, libxslt/1.1.29-2.1+deb9u1, libxslt/1.1.32-2.1, libxslt/1.1.29-1
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
:
Bug#942646
; Package src:libxslt
.
(Sat, 19 Oct 2019 12:06:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>
:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
.
(Sat, 19 Oct 2019 12:06:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: libxslt
Version: 1.1.32-2.1
Severity: important
Tags: security upstream
Control: found -1 1.1.32-1
Control: found -1 1.1.32-2.1~deb10u1
Control: found -1 1.1.29-1
Control: found -1 1.1.29-2.1+deb9u1
Hi,
The following vulnerability was published for libxslt.
CVE-2019-18197[0]:
| In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable
| isn't reset under certain circumstances. If the relevant memory area
| happened to be freed and reused in a certain way, a bounds check could
| fail and memory outside a buffer could be written to, or uninitialized
| data could be disclosed.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-18197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197
[1] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746
[2] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768
[3] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914
[4] https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
Marked as found in versions libxslt/1.1.32-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org
.
(Sat, 19 Oct 2019 12:06:04 GMT) (full text, mbox, link).
Marked as found in versions libxslt/1.1.32-2.1~deb10u1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org
.
(Sat, 19 Oct 2019 12:06:05 GMT) (full text, mbox, link).
Marked as found in versions libxslt/1.1.29-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org
.
(Sat, 19 Oct 2019 12:06:06 GMT) (full text, mbox, link).
Marked as found in versions libxslt/1.1.29-2.1+deb9u1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to submit@bugs.debian.org
.
(Sat, 19 Oct 2019 12:06:06 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sat Oct 19 16:47:43 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.