CVE-2012-2870

Name	CVE-2012-2870
Description	libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-2555-1
Debian Bugs	689422

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
chromium-browser (PTS)	jessie, jessie (lts)	57.0.2987.98-1~deb8u1	fixed
	stretch (security), stretch (lts), stretch	71.0.3578.80-1~deb9u1	fixed
libxslt (PTS)	jessie, jessie (lts)	1.1.28-2+deb8u7	fixed
	stretch (lts), stretch	1.1.29-2.1+deb9u3	fixed
	buster (security), buster, buster (lts)	1.1.32-2.2~deb10u2	fixed
	bullseye (security), bullseye	1.1.34-4+deb11u1	fixed
	bookworm	1.1.35-1	fixed
	sid, trixie	1.1.35-1.1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
chromium-browser	source	squeeze	(unfixed)	end-of-life
chromium-browser	source	(unstable)	21.0.1180.89~r154005-1
libxslt	source	squeeze	1.1.26-6+squeeze2		DSA-2555-1
libxslt	source	(unstable)	1.1.26-14			689422