Date: Tue, 27 Oct 2015 13:48:38 +0100 From: Stefan Cornelius <scorneli@...hat.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: CVE request: libxslt xsltStylePreCompute() type confusion DoS Hi, A type confusion error within the libxslt "xsltStylePreCompute()" function in preproc.c can lead to a DoS. Confirmed in version 1.1.28, other versions may also be affected. Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1257962 Proposed patch (afaik, not yet committed upstream, but I believe that it'll happen soon): https://bugzilla.redhat.com/attachment.cgi?id=1086465 Thanks and kind regards, -- Stefan Cornelius / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.