[xml/sgml-pkgs] Bug#493162: libxslt1.1: buffer overflow [CVE-2008-2935]
brian m. carlson
sandals at crustytoothpaste.ath.cx
Thu Jul 31 20:46:40 UTC 2008
Package: libxslt1.1
Version: 1.1.24-1
Severity: grave
Tags: security
According to DSA 1624-1:
Chris Evans discovered that a buffer overflow in the RC4 functions of
libexslt may lead to the execution of arbitrary code.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libxslt1.1 depends on:
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libgcrypt11 1.4.1-1 LGPL Crypto library - runtime libr
ii libxml2 2.6.32.dfsg-2 GNOME XML library
libxslt1.1 recommends no packages.
libxslt1.1 suggests no packages.
-- no debconf information
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 713 440 7475 | http://crustytoothpaste.ath.cx/~bmc | My opinion only
troff on top of XML: http://crustytoothpaste.ath.cx/~bmc/code/thwack
OpenPGP: RSA v4 4096b 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/debian-xml-sgml-pkgs/attachments/20080731/0275792f/attachment.pgp
More information about the debian-xml-sgml-pkgs
mailing list