Information on source package libxslt

Available versions

ReleaseVersion
jessie1.1.28-2+deb8u7
stretch1.1.29-2.1+deb9u3
buster1.1.32-2.2~deb10u2
bullseye1.1.34-4+deb11u1
bookworm1.1.35-1
trixie1.1.35-1.1
sid1.1.35-1.1

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2015-9019vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableIn libxslt 1.1.29 and earlier, the EXSLT math.random function was not ...

Resolved issues

BugDescription
TEMP-0000000-481246libxslt segfault / DoS
CVE-2021-30560Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ...
CVE-2019-18197In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable i ...
CVE-2019-13118In numbers.c in libxslt 1.1.33, a type holding grouping characters of ...
CVE-2019-13117In numbers.c in libxslt 1.1.33, an xsl:number with certain format stri ...
CVE-2019-11068libxslt through 1.1.33 allows bypass of a protection mechanism because ...
CVE-2019-5815Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1. ...
CVE-2017-5029The xsltAddTextString function in transform.c in libxslt 1.1.29, as us ...
CVE-2016-4738libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and ...
CVE-2016-4610libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
CVE-2016-4609libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
CVE-2016-4608libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before ...
CVE-2016-1841libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS ...
CVE-2016-1684numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51 ...
CVE-2016-1683numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51 ...
CVE-2015-7995The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does n ...
CVE-2013-4520xslt.c in libxslt before 1.1.25 allows context-dependent attackers to ...
CVE-2013-2902Use-after-free vulnerability in the XSLT ProcessingInstruction impleme ...
CVE-2012-6139libxslt before 1.1.28 allows remote attackers to cause a denial of ser ...
CVE-2012-2893Double free vulnerability in libxslt, as used in Google Chrome before ...
CVE-2012-2871libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.11 ...
CVE-2012-2870libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180. ...
CVE-2012-2825The XSL implementation in Google Chrome before 20.0.1132.43 allows rem ...
CVE-2011-3970libxslt, as used in Google Chrome before 17.0.963.46, allows remote at ...
CVE-2011-1202The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 a ...
CVE-2008-2935Multiple heap-based buffer overflows in the rc4 (1) encryption (aka ex ...
CVE-2008-1767Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-d ...

Security announcements

DSA / DLADescription
DLA-3101-1libxslt - security update
DSA-5216-1libxslt - security update
ELA-658-1libxslt - security update
DLA-1973-1libxslt - security update
ELA-185-1libxslt - security update
DLA-1860-1libxslt - security update
ELA-145-1libxslt - security update
ELA-142-1libxslt - security update
ELA-107-1libxslt - security update
DLA-1756-1libxslt - security update
DLA-866-1libxslt - security update
DSA-3709-1libxslt - security update
DLA-700-1libxslt - security update
DSA-3605-1libxslt - security update
DLA-514-1libxslt - security update
DSA-2654-1libxslt - denial of service
DSA-2555-1libxslt - several
DSA-1624-1libxslt - arbitrary code execution
DSA-1589-1libxslt - arbitrary code execution

Search for package or bug name: Reporting problems