Updated libxslt packages fix security vulnerability
Publication date: 02 May 2017Modification date: 02 May 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-5029
Description
Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString() function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service (application crash) or possible execute arbitrary code (CVE-2017-5029).
References
SRPMS
5/core
- libxslt-1.1.29-1.2.mga5