Format: 1.7
Date: Fri, 28 Sep 2012 15:40:31 -0400
Source: libxslt
Binary: libxslt1.1 libxslt1-dev libxslt1-dbg xsltproc python-libxslt1 python-libxslt1-dbg
Architecture: ia64
Version: 1.1.22-1ubuntu1.3
Distribution: hardy
Urgency: low
Maintainer: Ubuntu/ia64 Build Daemon <buildd@hooker.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libxslt1-dbg - XSLT processing library - debugging symbols
 libxslt1-dev - XSLT processing library - development kit
 libxslt1.1 - XSLT processing library - runtime library
 python-libxslt1 - Python bindings for libxslt1
 python-libxslt1-dbg - Python bindings for libxslt1 (debug extension)
 xsltproc   - XSLT command line processor
Changes: 
 libxslt (1.1.22-1ubuntu1.3) hardy-security; urgency=low
 .
   * SECURITY UPDATE: information disclosure via generate-id XPath function
     - libxslt/functions.c: do not expose object addresses directly.
     - ecb6bcb8d1b7e44842edde3929f412d46b40c89f
     - CVE-2011-1202
   * SECURITY UPDATE: denial of service via out-of-bounds read
     - libxslt/pattern.c: fix improper loop exit.
     - fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b
     - CVE-2011-3970
   * SECURITY UPDATE: denial of service via out-of-bounds read
     - libxslt/xsltutils.h: check for XML_ELEMENT_NODE
     - e6a0bc8081271f33b9899eb78e1da1a2a0428419
     - CVE-2012-2825
   * SECURITY UPDATE: denial of service via crafted XSLT expression
     - harden code in libexslt/functions.c, libxslt/attributes.c,
       libxslt/functions.c, libxslt/pattern.c, libxslt/preproc.c,
       libxslt/templates.c, libxslt/transform.c, libxslt/variables.c,
       libxslt/xslt.c, libxslt/xsltutils.c.
     - 8566ab4a10158d195adb5f1f61afe1ee8bfebd12
     - 4da0f7e207f14a03daad4663865c285eb27f93e9
     - 24653072221e76d2f1f06aa71225229b532f8946
     - 1564b30e994602a95863d9716be83612580a2fed
     - CVE-2012-2870
   * SECURITY UPDATE: denial of service and possible code execution during
     handling of XSL transforms
     - libxslt/transform.c: check for XML_NAMESPACE_DECL
     - 937ba2a3eb42d288f53c8adc211bd1122869f0bf
     - CVE-2012-2871
   * SECURITY UPDATE: denial of service and possible code execution via
     double free during XSL transforms
     - libxslt/templates.c: Fix dictionary string usage
     - 54977ed7966847e305a2008cb18892df26eeb065
     - CVE-2012-2893
Files: 
 c55021c757be8cd1f43a2c702280ef93 295690 libs optional libxslt1.1_1.1.22-1ubuntu1.3_ia64.deb
 0a9e21af4f30b825a15b30938a654f37 704684 libdevel optional libxslt1-dev_1.1.22-1ubuntu1.3_ia64.deb
 07904f153a14b6c5dbba94ede403f5c4 361400 libdevel extra libxslt1-dbg_1.1.22-1ubuntu1.3_ia64.deb
 81aebe70b7983f330e1ec857258788f7 115458 text optional xsltproc_1.1.22-1ubuntu1.3_ia64.deb
 03f940a3f0e4465e3fd57346da73b59b 170580 python optional python-libxslt1_1.1.22-1ubuntu1.3_ia64.deb
 4ed30067f11f81c0a8b32dc328181f41 266936 python extra python-libxslt1-dbg_1.1.22-1ubuntu1.3_ia64.deb
Original-Maintainer: Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>