Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2016-148-02
HistoryMay 27, 2016 - 11:33 p.m.

[slackware-security] libxslt

2016-05-2723:33:32
Slackware Linux Project
www.slackware.com
15

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON

New libxslt packages are available for Slackware 14.0, 14.1, and -current to
fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:

patches/packages/libxslt-1.1.29-i486-1_slack14.1.txz: Upgraded.
This release fixes bugs and a security issue:
Fix for type confusion in preprocessing attributes (Daniel Veillard).
For more information, see:
https://vulners.com/cve/CVE-2015-7995
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libxslt-1.1.29-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libxslt-1.1.29-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libxslt-1.1.29-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libxslt-1.1.29-x86_64-1_slack14.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxslt-1.1.29-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxslt-1.1.29-x86_64-1.txz

MD5 signatures:

Slackware 14.0 package:
9e81aeb7a44f515dc0d0053395faffea libxslt-1.1.29-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
c1186870f78d1c71eed0cb10effd561a libxslt-1.1.29-x86_64-1_slack14.0.txz

Slackware 14.1 package:
847723b4e9f68c2a2a97869734b4c7c0 libxslt-1.1.29-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
79eed20e9211c68e94c383e929cc6aa0 libxslt-1.1.29-x86_64-1_slack14.1.txz

Slackware -current package:
40b33089887fe7c5827d6bf901e1cdbf l/libxslt-1.1.29-i586-1.txz

Slackware x86_64 -current package:
088186d11e38075de6e018f8ae6f7471 l/libxslt-1.1.29-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg libxslt-1.1.29-i486-1_slack14.1.txz

Related

archlinux 1
nessus 22
cve 1
freebsd 1
debiancve 1
ubuntucve 1
prion 1
openvas 12
mageia 1
osv 7
debian 3
ibm 1
rubygems 1
ubuntu 1
apple 10
rosalinux 1
androidsecurity 1
tenable 1
archlinux
archlinux
libxslt: denial of service
2016-01-13 00:00:00
nessus
nessus
Slackware 14.0 / 14.1 / current : libxslt (SSA:2016-148-02)
2016-05-31 00:00:00
openSUSE Security Update : libxslt (openSUSE-2016-661)
2016-06-01 00:00:00
FreeBSD : libxslt -- DoS vulnerability due to type confusing error (ecc268f2-8fc2-11e5-918c-bcaec565249c)
2015-11-23 00:00:00
cve
cve
CVE-2015-7995
2015-11-17 15:59:00
freebsd
freebsd
libxslt -- DoS vulnerability due to type confusing error
2015-10-29 00:00:00
debiancve
debiancve
CVE-2015-7995
2015-11-17 15:59:00
ubuntucve
ubuntucve
CVE-2015-7995
2015-11-17 00:00:00
prion
prion
Type confusion
2015-11-17 15:59:00
openvas
openvas
Mageia Linux Local Check: mgasa-2015-0432
2015-11-08 00:00:00
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2212)
2020-01-23 00:00:00
Debian Security Advisory DSA 3605-1 (libxslt - security update)
2016-06-19 00:00:00
mageia
mageia
Updated libxslt packages fix security vulnerability
2015-11-06 01:46:03
osv
osv
CVE-2017-5029
2017-04-24 23:59:00
CVE-2019-13117
2019-07-01 02:15:09
CVE-2019-5815
2019-12-11 01:15:10
debian
debian
[SECURITY] [DSA 3605-1] libxslt security update
2016-06-19 05:00:31
[SECURITY] [DLA 514-1] libxslt security update
2016-06-12 21:50:20
[SECURITY] [DSA 3605-1] libxslt security update
2016-06-19 05:00:31
ibm
ibm
Security Bulletin: Vulnerabilities in libxslt affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems
2023-04-14 14:32:25
rubygems
rubygems
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
2015-04-13 21:00:00
ubuntu
ubuntu
Libxslt vulnerabilities
2017-04-28 00:00:00
apple
apple
About the security content of tvOS 9.1.1
2016-01-25 00:00:00
About the security content of tvOS 9.1.1 - Apple Support
2016-01-25 06:43:35
About the security content of OS X El Capitan 10.11.3 and Security Update 2016-001 - Apple Support
2016-01-19 06:29:30
rosalinux
rosalinux
Advisory ROSA-SA-2021-1906
2021-07-02 17:26:03
androidsecurity
androidsecurity
Android Security Bulletin—June 2017
2017-06-05 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON
Related for SSA-2016-148-02
archlinux1nessus22cve1freebsd1debiancve1ubuntucve1prion1openvas12mageia1osv7debian3ibm1rubygems1ubuntu1apple10rosalinux1androidsecurity1tenable1