Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 27 Oct 2015 13:48:38 +0100
From: Stefan Cornelius <>
Subject: CVE request: libxslt xsltStylePreCompute() type confusion DoS


A type confusion error within the libxslt "xsltStylePreCompute()"
function in preproc.c can lead to a DoS. Confirmed in version 1.1.28,
other versions may also be affected.

Red Hat bug:

Proposed patch (afaik, not yet committed upstream, but I believe that
it'll happen soon):

Thanks and kind regards,
Stefan Cornelius / Red Hat Product Security

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.