lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1bEUqV-0007ZC-SO@master.debian.org>
Date: Sun, 19 Jun 2016 05:00:31 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3605-1] libxslt security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3605-1                   security@...ian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
June 19, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxslt
CVE ID         : CVE-2015-7995 CVE-2016-1683 CVE-2016-1684
Debian Bug     : 802971

Several vulnerabilities were discovered in libxslt, an XSLT processing
runtime library, which could lead to information disclosure or
denial-of-service (application crash) against an application using the
libxslt library.

For the stable distribution (jessie), these problems have been fixed in
version 1.1.28-2+deb8u1.

We recommend that you upgrade your libxslt packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXZibQAAoJEAVMuPMTQ89Ew5oP/2KTLgzFJt7q8HTiycMlww+v
T27RRR/UcAY2K2PrYNN/oZMqSKr+P5a8pfMNgf9lcb/KX7FEVzcNCixrusUUd3DS
L5A3sZ360o/37pllK1bPt6Z0xiPH+7NcQCJC/6ACSmAPHpVfqN/xAfkrymZAFLS0
wdalcJpXZXTNmuFz0rDbGsfqVUrGSMUp/SwIbBFRk2WD1bkZWcBkmkYGN7j91PdG
vHgGqXymQr4v0WvD7mbdmFvW0mBftU95GsBildMzaAJmiTSO/YDvfCnVhiryc7Ji
R4PGw20WUgmnfnDDQPaRib+PNgR/WY1yY9RU103uYGpFTo4PRqBK1MKT1pdrqbBH
FdwubmKB5uTN5rZgINKryQ5tSqo4QUUX1YBien9FZkpUfjYejAfq99aUH/p3ZwUa
x46F6YL85UKislaBObOlWzPMeftz8zv9a4+Xe2Pq0B/Sswsx81KdHMryLQFvEwuT
wphg6Mtt5SKMIryF6/4TvXnnaM0sw2Bh6s1rDl/mEySxFXSh5vHH0foqL1lyjBxq
sRhyqMgHGT4L+PtANFZMjnatsR4cJX+r/UP/ajDcqhjMVdl9xrmQtsdpiZiylsTp
2SFRzNsqp6kPImmJL59zZf1W1wN1ByJtO2Fm6B75BH7GYb5ezT3vI6bXdnSvsG0k
npyC3Qzu2/jwnB18mnnZ
=g6Tq
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ