Date: Tue, 27 Oct 2015 13:48:38 +0100 From: Stefan Cornelius <scorneli@...hat.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: CVE request: libxslt xsltStylePreCompute() type confusion DoS Hi, A type confusion error within the libxslt "xsltStylePreCompute()" function in preproc.c can lead to a DoS. Confirmed in version 1.1.28, other versions may also be affected. Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1257962 Proposed patch (afaik, not yet committed upstream, but I believe that it'll happen soon): https://bugzilla.redhat.com/attachment.cgi?id=1086465 Thanks and kind regards, -- Stefan Cornelius / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ