Format: 1.8
Date: Thu, 27 Apr 2017 10:58:44 -0700
Source: libxslt
Binary: libxslt1.1 libxslt1-dev libxslt1-dbg xsltproc python-libxslt1 python-libxslt1-dbg
Architecture: powerpc
Version: 1.1.26-8ubuntu1.4
Distribution: precise
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@fisher04.buildd>
Changed-By: Steve Beattie <sbeattie@ubuntu.com>
Description: 
 libxslt1-dbg - XSLT 1.0 processing library - debugging symbols
 libxslt1-dev - XSLT 1.0 processing library - development kit
 libxslt1.1 - XSLT 1.0 processing library - runtime library
 python-libxslt1 - Python bindings for libxslt1
 python-libxslt1-dbg - Python bindings for libxslt1 (debug extension)
 xsltproc   - XSLT 1.0 command line processor
Changes: 
 libxslt (1.1.26-8ubuntu1.4) precise-security; urgency=medium
 .
   * SECURITY UPDATE: type-confusion leading to denial of service
     - libxslt/preproc.c: check that the parent node is an element
       before dereferencing its namespace
     - 7ca19df892ca22d9314e95d59ce2abdeff46b617
     - CVE-2015-7955
   * SECURITY UPDATE: out-of-bounds heap memory access
     - libxslt/numbers.c: precompile patterns in xsl:number (prereq),
       special case namespace nodes in xsltNumberFormatGetMultipleLevel
       libxslt/preproc.c, numbersInternals.h: precompile patterns
       in xsl:number (prereq change)
       tests/docs/bug-186*: add testcase
     - Prereq commits: 0d6713d715509da1fec27bec220d43aa4fc48d0f,
       102099fb3bc0b29ede7dadc6388337ef4de59a74
     - d182d8f6ba3071503d96ce17395c9d55871f0242
     - CVE-2016-1683
   * SECURITY UPDATE: integer overflow
     - libxslt/numbers.c: add lower and upper bounds for 'i' and 'a'
       format tokens
     - 91d0540ac9beaa86719a05b749219a69baa0dd8d
     - 405034286fbdd6166229335b7203a41bf53b40fc
     - CVE-2016-1684
   * SECURITY UPDATE: use-after-free in xsltDocumentFunctionLoadDocument
     - libxslt/functions.c: adjust xmlFree() call
       tests/docs/bug-185*, tests/general/bug-185*: add test csses
     - fc1ff481fd01e9a65a921c542fed68d8c965e8a3
     - CVE-2016-1841
   * SECURITY UPDATE: heap information leak
     - libxslt/numbers.c: check for empty decimal separator.
     - eb1030de31165b68487f288308f9d1810fed6880
     - CVE-2016-4738
   * SECURITY UPDATE: integer overflow in libxslt.
     - libxslt/transform.c, libxslt/xsltInternals.h: limit buffer size
       in xsltAddTextString to INT_MAX.
     - 08ab2774b870de1c7b5a48693df75e8154addae5
     - CVE-2017-5029
   * SECURITY UPDATE: double free in hash functions
     - libexslt/crypto.c: remove duplicate free calls
     - d8862309f08054218b28e2c8f5fb3cb2f650cac7
   * SECURITY UPDATE: NULL pointer dereference in Saxon
     - libexslt/saxon.c: fix error handling in Saxon extension functions
       configure.in, tests/exslt/Makefile.am, tests/exslt/saxon/:
       add test cases
     - ef7429bb4f1433726cc8fc4fe3d134d8a439fab1
   * SECURITY UPDATE: out-of-bounds heap memory access
     - libexslt/dynamic.c: use correct type for namespace nodes in
       exsltDynMapFunction
       tests/exslt/dynamic/dynmap*: add testcase
     - 93bb314768aafaffad1df15bbee10b7c5423e283
   * SECURITY UPDATE: out-of-bounds heap read memory access
     - libexslt/saxon.c: do not pass namespace "nodes" to xmlGetLineNo
       tests/exslt/saxon/Makefile.am, tests/exslt/saxon/lineno.1*:
       add test case
     - 8b90c9a699e0eaa98bbeec63a473ddc73aaa238c
   * SECURITY UPDATE: stack-based buffer overflow in exsltDateFormat
     - libexslt/date.c: make stack buffer larger
     - 5d0c6565bab5b9b7efceb33b626916d22b4101a7
   * SECURITY UPDATE: out-of-bounds head read in xsltExtModuleRegisterDynamic
     - libxslt/extensions.c: correct stripping of unwanted characters
     - 87c3d9ea214fc0503fd8130b6dd97431d69cc066
Checksums-Sha1: 
 5de05d8b270bfea986aeb792cacb491c3626051c 162606 libxslt1.1_1.1.26-8ubuntu1.4_powerpc.deb
 a2591e86ba5b73ab662152a20beee9c028375f73 572962 libxslt1-dev_1.1.26-8ubuntu1.4_powerpc.deb
 c0d2413e2e84daff142d1eeb9e312c1bb18d08e5 318050 libxslt1-dbg_1.1.26-8ubuntu1.4_powerpc.deb
 9b0c00a27f026c7854fa3fd5151381f1891f3887 14892 xsltproc_1.1.26-8ubuntu1.4_powerpc.deb
 5b58de0b7513500b566eff434ff5a1af836446a0 38604 python-libxslt1_1.1.26-8ubuntu1.4_powerpc.deb
 07fc4f67e0eeadd6a4c87aa1f017edda8deb75c2 143084 python-libxslt1-dbg_1.1.26-8ubuntu1.4_powerpc.deb
 d2677bc42465977cffece58d9ad72e526d214920 189352 libxslt1.1-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
 395fb45ff252e12f2b4c3bf913b07a6137033009 19340 xsltproc-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
 1ef4c8a4c3e77b481f61ab312649c240a9d796b2 45904 python-libxslt1-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
Checksums-Sha256: 
 08e1f2550c7aa734d4ab1949923a202498fc6ab46220fa6cdb40ebed26a3a48c 162606 libxslt1.1_1.1.26-8ubuntu1.4_powerpc.deb
 4d9e33977755e1003979c8d0dc57a196ac9501b8df063e514183bb56fbe1981b 572962 libxslt1-dev_1.1.26-8ubuntu1.4_powerpc.deb
 efb316c40c15cb3f30c9b5d086fc31eb42ef61685aa276b5c4b6ce7a457db308 318050 libxslt1-dbg_1.1.26-8ubuntu1.4_powerpc.deb
 3c98f958c8b03080de084dcfd6b0dbc17d96df7d46e23561232b4eff7becd753 14892 xsltproc_1.1.26-8ubuntu1.4_powerpc.deb
 7e173875432ff3a0a4bf156a8176fd4a73b51d4361539377f3f7bdf61bd992db 38604 python-libxslt1_1.1.26-8ubuntu1.4_powerpc.deb
 410db840f302a6c0220223c60953d14cec41bca7da073df7da676737923efb56 143084 python-libxslt1-dbg_1.1.26-8ubuntu1.4_powerpc.deb
 a05f9cd2eb862dbcda6c6a04a94759a2194daab62b4a1c31fcfb944a177e5dcf 189352 libxslt1.1-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
 92e8e5e67cba7c5c529c999dac425693ff6e2ab156844277f6b65beedd9c1875 19340 xsltproc-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
 bd08f71304d57bc6a1c44f56c3dfda81303c1d9106adfeb48d5134f615b4aa10 45904 python-libxslt1-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
Files: 
 501437c003979be5d3079c04bd4cbe7b 162606 libs optional libxslt1.1_1.1.26-8ubuntu1.4_powerpc.deb
 f93b926a64d15248806a5353009607de 572962 libdevel optional libxslt1-dev_1.1.26-8ubuntu1.4_powerpc.deb
 187272c5c46ac5c17544accb0a6a5fe4 318050 debug extra libxslt1-dbg_1.1.26-8ubuntu1.4_powerpc.deb
 2982bfea109bc8c489ff7e0a68712fed 14892 text optional xsltproc_1.1.26-8ubuntu1.4_powerpc.deb
 64c6746e4812181e94c2f60c7bb22274 38604 python optional python-libxslt1_1.1.26-8ubuntu1.4_powerpc.deb
 064cbb136b64f991becc445d4d300c77 143084 debug extra python-libxslt1-dbg_1.1.26-8ubuntu1.4_powerpc.deb
 f2632762187f5365826dab08d8acb770 189352 libs extra libxslt1.1-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
 38da5abbb664e344940ac288de708600 19340 text extra xsltproc-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
 299d22e32cf14f12dbdd2a7fc2506819 45904 python extra python-libxslt1-dbgsym_1.1.26-8ubuntu1.4_powerpc.ddeb
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>