pool/libxslt
SHA256
11
0
Fork 2
Code Issues Pull Requests Activity

Accepting request 479022 from home:pmonrealgonzalez:branches:devel:libraries:c_c++

Browse Source 
- Added patch libxslt-CVE-2016-4738.patch 
  * Fix heap overread in xsltFormatNumberConversion: An empty 
    decimal-separator could cause a heap overread. This can be
    exploited to leak a couple of bytes after the buffer that holds 
    the pattern string.
  * bsc#1005591 CVE-2016-4738

OBS-URL: https://build.opensuse.org/request/show/479022
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxslt?expand=0&rev=54
This commit is contained in:
Tomáš Chvátal
2017-03-13 12:58:25 +00:00
committed by Git OBS Bridge
parent 654061f73c
commit 0e4141e559
4 changed files with 46 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libxslt.changes
View File

@@ -1,3 +1,13 @@
-------------------------------------------------------------------
Mon Mar 13 12:43:04 UTC 2017 - pmonrealgonzalez@suse.com
- Added patch libxslt-CVE-2016-4738.patch
* Fix heap overread in xsltFormatNumberConversion: An empty
decimal-separator could cause a heap overread. This can be
exploited to leak a couple of bytes after the buffer that holds
the pattern string.
* bsc#1005591 CVE-2016-4738
-------------------------------------------------------------------
Sat Jun 11 11:42:29 UTC 2016 - tchvatal@suse.com