Compare commits
6 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| c7963c7a50 | |||
| 13343e4b9e | |||
| cb1f752640 | |||
| a15751f369 | |||
| a64854d846 | |||
| 509af28a80 |
36
libxslt-CVE-2025-11731.patch
Normal file
36
libxslt-CVE-2025-11731.patch
Normal file
@@ -0,0 +1,36 @@
|
||||
From fe508f201efb9ea37bfbe95413b8b28251497de3 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Dominik=20R=C3=B6ttsches?= <drott@chromium.org>
|
||||
Date: Wed, 27 Aug 2025 14:28:40 +0300
|
||||
Subject: [PATCH] End function node ancestor search at document
|
||||
|
||||
Avoids dereferencing a non-existent ->ns property on an
|
||||
XML_DOCUMENT_NODE pointer.
|
||||
|
||||
Fixes #151.
|
||||
---
|
||||
libexslt/functions.c | 9 +++++++--
|
||||
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/libexslt/functions.c b/libexslt/functions.c
|
||||
index 8d35a7ae..a54ee70c 100644
|
||||
--- a/libexslt/functions.c
|
||||
+++ b/libexslt/functions.c
|
||||
@@ -617,8 +617,13 @@ exsltFuncResultComp (xsltStylesheetPtr style, xmlNodePtr inst,
|
||||
* instanciation of a func:result element.
|
||||
*/
|
||||
for (test = inst->parent; test != NULL; test = test->parent) {
|
||||
- if (IS_XSLT_ELEM(test) &&
|
||||
- IS_XSLT_NAME(test, "stylesheet")) {
|
||||
+ if (/* Traversal has reached the top-level document without
|
||||
+ * finding a func:function ancestor. */
|
||||
+ (test != NULL && test->type == XML_DOCUMENT_NODE) ||
|
||||
+ /* Traversal reached a stylesheet-namespace node,
|
||||
+ * and has left the function namespace. */
|
||||
+ (IS_XSLT_ELEM(test) &&
|
||||
+ IS_XSLT_NAME(test, "stylesheet"))) {
|
||||
xsltGenericError(xsltGenericErrorContext,
|
||||
"func:result element not a descendant "
|
||||
"of a func:function\n");
|
||||
--
|
||||
GitLab
|
||||
|
||||
@@ -1,3 +1,26 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Feb 4 07:41:13 UTC 2026 - Petr Gajdos <pgajdos@suse.com>
|
||||
|
||||
- CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553]
|
||||
- deleted patches
|
||||
* libxslt-CVE-2025-10911.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 15 08:10:07 UTC 2025 - pgajdos@suse.com
|
||||
|
||||
- security update
|
||||
- added patches
|
||||
CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultCompfunction leading to denial of service
|
||||
* libxslt-CVE-2025-11731.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 2 13:18:49 UTC 2025 - pgajdos@suse.com
|
||||
|
||||
- security update
|
||||
- added patches
|
||||
CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT
|
||||
* libxslt-CVE-2025-10911.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 17 09:44:34 UTC 2025 - pgajdos@suse.com
|
||||
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
#
|
||||
# spec file for package libxslt
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
# Copyright (c) 2026 SUSE LLC
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -42,6 +43,8 @@ Patch0: libxslt-1.1.24-no-net-autobuild.patch
|
||||
Patch1: libxslt-random-seed.patch
|
||||
# CVE-2025-7424 [bsc#1246360], Type confusion in xmlNode.psvi between stylesheet and source nodes
|
||||
Patch2: libxslt-CVE-2025-7424.patch
|
||||
# CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultCompfunction leading to denial of service
|
||||
Patch4: libxslt-CVE-2025-11731.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc
|
||||
BuildRequires: libgcrypt-devel
|
||||
|
||||
Reference in New Issue
Block a user