[Git][security-tracker-team/security-tracker][master] Three libxslt issues fixed in unstable
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 6 08:46:48 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c2a881a3 by Salvatore Bonaccorso at 2019-08-06T07:46:14Z
Three libxslt issues fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5264,7 +5264,7 @@ CVE-2019-13119
RESERVED
CVE-2019-13118 (In numbers.c in libxslt 1.1.33, a type holding grouping characters of ...)
{DLA-1860-1}
- - libxslt <unfixed> (low; bug #931320; bug #933743)
+ - libxslt 1.1.32-2.1 (low; bug #931320; bug #933743)
[buster] - libxslt <no-dsa> (Minor issue)
[stretch] - libxslt <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
@@ -5272,7 +5272,7 @@ CVE-2019-13118 (In numbers.c in libxslt 1.1.33, a type holding grouping characte
NOTE: https://oss-fuzz.com/testcase-detail/5197371471822848
CVE-2019-13117 (In numbers.c in libxslt 1.1.33, an xsl:number with certain format stri ...)
{DLA-1860-1}
- - libxslt <unfixed> (low; bug #931321; bug #933743)
+ - libxslt 1.1.32-2.1 (low; bug #931321; bug #933743)
[buster] - libxslt <no-dsa> (Minor issue)
[stretch] - libxslt <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
@@ -10613,7 +10613,7 @@ CVE-2019-11069 (Sequelize version 5 before 5.3.0 does not properly ensure that s
NOT-FOR-US: Sequelize
CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism because ...)
{DLA-1756-1}
- - libxslt <unfixed> (bug #926895; bug #933743)
+ - libxslt 1.1.32-2.1 (bug #926895; bug #933743)
[buster] - libxslt <no-dsa> (Minor issue)
[stretch] - libxslt <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2a881a3b9bf03eed80888faa350ddf61c159bcb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c2a881a3b9bf03eed80888faa350ddf61c159bcb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190806/3ecd0993/attachment.html>
More information about the debian-security-tracker-commits
mailing list