Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Leak of address of heap object via xslt generate-id() function

Related Vulnerabilities: CVE-2011-1202  

Source

Debian Bug report logs - #617413
Leak of address of heap object via xslt generate-id() function

version graph

Package: libxslt; Maintainer for libxslt is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>;

Reported by: Giuseppe Iuculano <iuculano@debian.org>

Date: Tue, 8 Mar 2011 19:03:01 UTC

Severity: important

Tags: patch, security

Fixed in version libxslt/1.1.26-7

Done: Mike Hommey <glandium@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>:
Bug#617413; Package libxslt. (Tue, 08 Mar 2011 19:03:04 GMT) (full text, mbox, link).

Acknowledgement sent to Giuseppe Iuculano <iuculano@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>. (Tue, 08 Mar 2011 19:03:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Giuseppe Iuculano <iuculano@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Leak of address of heap object via xslt generate-id() function
Date: Tue, 08 Mar 2011 20:00:59 +0100
Package: libxslt
Severity: important
Tags: security patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,

new version of google chrome fixed a minor security issue in libxslt:

 Issue 73716:	Leak of address of heap object via xslt generate-id() function

Upstream patch: http://git.gnome.org/browse/libxslt/commit/?id=ecb6bcb8d1b7e44842edde3929f412d46b40c89f

This issue doesn't warrant a DSA, please fix it in squeeze through a point release.

Cheers,
Giuseppe.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk12fOgACgkQNxpp46476aoZlgCeLNC6RvPwSxqlfN2Ya2r/S7mG
u68AoJR5axPqhBCCAqouYt0GYicrA6y8
=QvVL
-----END PGP SIGNATURE-----

Information forwarded to debian-bugs-dist@lists.debian.org, Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>:
Bug#617413; Package libxslt. (Thu, 10 Mar 2011 19:12:03 GMT) (full text, mbox, link).

Acknowledgement sent to Giuseppe Iuculano <giuseppe@iuculano.it>:
Extra info received and forwarded to list. Copy sent to Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>. (Thu, 10 Mar 2011 19:12:03 GMT) (full text, mbox, link).

Message #10 received at 617413@bugs.debian.org (full text, mbox, reply):

From: Giuseppe Iuculano <giuseppe@iuculano.it>
To: 617413@bugs.debian.org
Subject: CVE-2011-1202
Date: Thu, 10 Mar 2011 20:08:55 +0100
[Message part 1 (text/plain, inline)]
This is CVE-2011-1202

Cheers.
Giuseppe.


[signature.asc (application/pgp-signature, attachment)]

Reply sent to Mike Hommey <glandium@debian.org>:
You have taken responsibility. (Fri, 18 Mar 2011 16:03:10 GMT) (full text, mbox, link).

Notification sent to Giuseppe Iuculano <iuculano@debian.org>:
Bug acknowledged by developer. (Fri, 18 Mar 2011 16:03:10 GMT) (full text, mbox, link).

Message #15 received at 617413-close@bugs.debian.org (full text, mbox, reply):

From: Mike Hommey <glandium@debian.org>
To: 617413-close@bugs.debian.org
Subject: Bug#617413: fixed in libxslt 1.1.26-7
Date: Fri, 18 Mar 2011 16:02:42 +0000
Source: libxslt
Source-Version: 1.1.26-7

We believe that the bug you reported is fixed in the latest version of
libxslt, which is due to be installed in the Debian FTP archive:

libxslt1-dbg_1.1.26-7_amd64.deb
  to main/libx/libxslt/libxslt1-dbg_1.1.26-7_amd64.deb
libxslt1-dev_1.1.26-7_amd64.deb
  to main/libx/libxslt/libxslt1-dev_1.1.26-7_amd64.deb
libxslt1.1_1.1.26-7_amd64.deb
  to main/libx/libxslt/libxslt1.1_1.1.26-7_amd64.deb
libxslt_1.1.26-7.diff.gz
  to main/libx/libxslt/libxslt_1.1.26-7.diff.gz
libxslt_1.1.26-7.dsc
  to main/libx/libxslt/libxslt_1.1.26-7.dsc
python-libxslt1-dbg_1.1.26-7_amd64.deb
  to main/libx/libxslt/python-libxslt1-dbg_1.1.26-7_amd64.deb
python-libxslt1_1.1.26-7_amd64.deb
  to main/libx/libxslt/python-libxslt1_1.1.26-7_amd64.deb
xsltproc_1.1.26-7_amd64.deb
  to main/libx/libxslt/xsltproc_1.1.26-7_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 617413@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mike Hommey <glandium@debian.org> (supplier of updated libxslt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 18 Mar 2011 16:11:19 +0100
Source: libxslt
Binary: libxslt1.1 libxslt1-dev libxslt1-dbg xsltproc python-libxslt1 python-libxslt1-dbg
Architecture: source amd64
Version: 1.1.26-7
Distribution: unstable
Urgency: low
Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>
Changed-By: Mike Hommey <glandium@debian.org>
Description: 
 libxslt1-dbg - XSLT 1.0 processing library - debugging symbols
 libxslt1-dev - XSLT 1.0 processing library - development kit
 libxslt1.1 - XSLT 1.0 processing library - runtime library
 python-libxslt1 - Python bindings for libxslt1
 python-libxslt1-dbg - Python bindings for libxslt1 (debug extension)
 xsltproc   - XSLT 1.0 command line processor
Closes: 617413
Changes: 
 libxslt (1.1.26-7) unstable; urgency=low
 .
   * libxslt/functions.c: Fix generate-id() to not expose object addresses.
     Closes: #617413. Fixes: CVE-2011-1202.
Checksums-Sha1: 
 1421569da21fbc55d3b47ffe2193dd2fad64eb54 2074 libxslt_1.1.26-7.dsc
 a88fc2b66f4e60c391e39ada01a27de865474b3e 92050 libxslt_1.1.26-7.diff.gz
 95dee7ab3add5bce1e68ec07b714c16d007b72b1 248834 libxslt1.1_1.1.26-7_amd64.deb
 2750db9aaddb926d44f7364b4f0a31bf189c6f20 635474 libxslt1-dev_1.1.26-7_amd64.deb
 2166dcedb80333ec8b7fbf5ae6d3b52e8847670c 410148 libxslt1-dbg_1.1.26-7_amd64.deb
 060930cecf2108a594aa42f397e3050f1fa963f4 115174 xsltproc_1.1.26-7_amd64.deb
 3433ce61eb9c0472019e35d10321026633da9cb1 168378 python-libxslt1_1.1.26-7_amd64.deb
 32bd653668df4b215ad543c687edfae8cbd18133 394070 python-libxslt1-dbg_1.1.26-7_amd64.deb
Checksums-Sha256: 
 565842ddb6d68ee73e0d289ebd4a453e894183a733951bdff4e725ee2c10a009 2074 libxslt_1.1.26-7.dsc
 e04ccff8adfc5000ceccd2dc3b074486e72a3fc056718486c4e5cd983dc11051 92050 libxslt_1.1.26-7.diff.gz
 41437c781c3f13e24337a36605646bd24d261148dfcc91c42431eed596e2cca3 248834 libxslt1.1_1.1.26-7_amd64.deb
 d95c35e54b11cb83e64291d7bd19172da6cb11780f767c9dac6838071dd92455 635474 libxslt1-dev_1.1.26-7_amd64.deb
 50e190d3220e4e7de2fadec2a38ae91d69416472bd2b68a23c056941701a7580 410148 libxslt1-dbg_1.1.26-7_amd64.deb
 48d2e29f097834f4cec930860918a72417b367aec3efd15b5cb3153d640b815f 115174 xsltproc_1.1.26-7_amd64.deb
 fe0d6625acdea0047236a0c653e8fd09bd9663ce4ad66c0f0b7866a0173c50af 168378 python-libxslt1_1.1.26-7_amd64.deb
 af95b97c9116b4bc5884f8d435b92d9c3ee39baf4af7971db930b511cd14cbc3 394070 python-libxslt1-dbg_1.1.26-7_amd64.deb
Files: 
 2501710b9f70e02a2954a9aded254ce8 2074 text optional libxslt_1.1.26-7.dsc
 ce6ce314bbae81826c75a5b878171142 92050 text optional libxslt_1.1.26-7.diff.gz
 2920c98e21a8cc29d09827bde056c34e 248834 libs optional libxslt1.1_1.1.26-7_amd64.deb
 ef1cc7830450cec26676f1c84a35b750 635474 libdevel optional libxslt1-dev_1.1.26-7_amd64.deb
 1d305176d64ffc9e8c31f65eca0289df 410148 debug extra libxslt1-dbg_1.1.26-7_amd64.deb
 7d66007b575a79845ca4f8a9aa10759b 115174 text optional xsltproc_1.1.26-7_amd64.deb
 6cb02dde2d18793cdd71090397d9ef0a 168378 python optional python-libxslt1_1.1.26-7_amd64.deb
 e622f722d15497617651de1c8b1b6f04 394070 debug extra python-libxslt1-dbg_1.1.26-7_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIVAwUBTYN51eQqoE+mqoxyAQjUTQ//X7XOo0ylMUQMgP/mDDSQHbNr2JXMLvhC
B+h4Dy3vXxJNl6PH/Fckt2Igm7eJuge03tvNUQmrHgP/33R9lX8ypvXLSbuxMUCi
2QSkFwtZpEyxFOimAwiEdqmjI7paIq7JMmC4bUBSdGWsYriuOPG25q7uTxB6yG4m
8Y36kdAUK/lqnf1x8YODQNnitQ9h4QCU78duWaB6aGOXZEZ9cGWRHOyxWUYAIu84
5AhA+h5/FA5C8sGF+8wtThdy7ZVLoDabhFuF4mjqLUPre6lKe4D55mn+Bi6b2qxV
vxWSl/B+fS2x/CYPDnO3R8kaWWEVleI0H6AeArhclmsJMNYLlApSQdgFNX1oedz5
6gszdpO+jb5I0HvPoOHsYNudnQNuCp0q4k5zPe8n0y5L8H6DG3XMrUUD86yXm2FA
QZyfghqc/9L4q3x+QY4M6NC+6nx/YTO0pLvuTievXHmjrBBdmCuMpjYV/nrfVKMD
qm6SZN73zBPCOS5/Tf9eFtRcyR2AhzKzT+vb5/n8yaS/25t2bI0pyaE+NSXzunS4
YrKFPr2FIE3FR/w6UTs1vFIplT1m+Smu10fDkXgwACenw/s+tYbcGL+qCjk5lUPg
oSCTulMXBnA3CmsVQWnpsmeuwbnnXWWYqIfvteTHtoHZVWwVflN2u+4BH8NtIH0P
9B6VsRaJl44=
=tUzn
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 30 Apr 2011 07:44:41 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:05:05 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started