Advisories » MGASA-2016-0217

Updated libxslt packages fix security vulnerability

Publication date: 07 Jun 2016
Modification date: 07 Jun 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-1683 , CVE-2016-1684

Description

The libxslt package has been updated to version 1.1.29, which fixes
several bugs and possible security issues, including an out-of-bounds
memory access (CVE-2016-1683) and integer overflow (CVE-2016-1684), and
provides other improvements.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18547
• http://xmlsoft.org/XSLT/news.html
• http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

SRPMS

5/core

• libxslt-1.1.29-1.mga5