Package: libxslt / 1.1.29-2.1+deb9u2
Metadata
Package | Version | Patches format |
---|---|---|
libxslt | 1.1.29-2.1+deb9u2 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
0001 patch xslt config to add private libraries.patch | (download) |
libexslt.pc.in |
1 1 + 0 - 0 ! |
patch xslt-config to add private libraries |
0002 fix autoconf automake.patch | (download) |
configure.in |
9 5 + 4 - 0 ! |
fix autoconf automake |
0003 fix typo.patch | (download) |
doc/APIchunk6.html |
2 1 + 1 - 0 ! |
fix typo |
0004 Make generate id deterministic.patch | (download) |
libxslt/functions.c |
91 90 + 1 - 0 ! |
make generate-id() provide stable ids |
0005 Link with libm.patch | (download) |
libxslt/Makefile.am |
2 1 + 1 - 0 ! |
link libxslt with libm Bug-Debian: https://bugs.debian.org/801989 |
0006 remove plugin in xslt config.patch | (download) |
xslt-config.in |
5 0 + 5 - 0 ! |
--- |
0007 Fix heap overread in xsltFormatNumberConversion.patch | (download) |
libxslt/numbers.c |
3 2 + 1 - 0 ! |
fix heap overread in xsltformatnumberconversion An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string. . Found with afl-fuzz and ASan. . This is CVE-2016-4738 |
0008 Check for integer overflow in xsltAddTextString.patch | (download) |
libxslt/transform.c |
25 22 + 3 - 0 ! |
[patch] check for integer overflow in xsltaddtextstring Limit buffer size in xsltAddTextString to INT_MAX. The issue can be exploited to trigger an out of bounds write on 64-bit systems. Originally reported to Chromium: https://crbug.com/676623 |
0009 Fix security framework bypass.patch | (download) |
libxslt/documents.c |
18 10 + 8 - 0 ! |
fix security framework bypass |
0010 Fix uninitialized read of xsl number token.patch | (download) |
libxslt/numbers.c |
5 4 + 1 - 0 ! |
fix uninitialized read of xsl:number token |
0011 Fix uninitialized read with UTF 8 grouping chars.patch | (download) |
libxslt/numbers.c |
5 3 + 2 - 0 ! |
fix uninitialized read with utf-8 grouping chars |
0012 Fix dangling pointer in xsltCopyText.patch | (download) |
libxslt/transform.c |
2 2 + 0 - 0 ! |
fix dangling pointer in xsltcopytext |