22 Jul 03:46
[ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability
From: <security <at> mandriva.com>
Subject: [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability
Newsgroups: gmane.comp.security.full-disclosure
Date: 2008-07-22 01:49:00 GMT
Subject: [ MDVSA-2008:151 ] - Updated libxslt packages fix buffer overflow vulnerability
Newsgroups: gmane.comp.security.full-disclosure
Date: 2008-07-22 01:49:00 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:151 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libxslt Date : July 21, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: A buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code (CVE-2008-1767). The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 _______________________________________________________________________(Continue reading)
RSS Feed