[xml/sgml-pkgs] Bug#858546: CVE-2017-5029: Integer overflow in xsltAddTextString

Raphael Hertzog hertzog at debian.org
Thu Mar 23 10:34:05 UTC 2017

Source: libxslt
Severity: important
Tags: security patch


the following vulnerability was published for libxslt. The issue can be
exploited to trigger an out of bounds write on 64-bit systems.

Integer overflow in xsltAddTextString

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

Upstream has committed a patch here:

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-5029
    Please adjust the affected versions in the BTS as needed.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

More information about the debian-xml-sgml-pkgs mailing list