Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3

To: Salvatore Bonaccorso <carnil@debian.org>, 860289@bugs.debian.org
Subject: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 23 Apr 2017 20:48:29 +0100
Message-id: <[🔎] 1492976909.32026.33.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 860289@bugs.debian.org
In-reply-to: <[🔎] 149215181928.30587.3576443691804770964.reportbug@lorien.valinor.li>
References: <[🔎] 149215181928.30587.3576443691804770964.reportbug@lorien.valinor.li>

Control: tags -1 + confirmed

On Fri, 2017-04-14 at 08:36 +0200, Salvatore Bonaccorso wrote:
> Given the next jessie point release is approaching I would like to
> propose a fix for CVE-2017-5029, #858546 via the upcoming point
> release.
> 
> Attached is the full debdiff.
> 
> The debian/changelog reads as
> 
> +libxslt (1.1.28-2+deb8u3) jessie; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Check for integer overflow in xsltAddTextString (CVE-2017-5029)
> +    (Closes: #858546)

Please go ahead, thanks.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Processed: Re: Bug#860798: jessie-pu: yara/3.1.0-2+deb8u1
Next by Date: Processed: Re: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
Previous by thread: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
Next by thread: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
Index(es):
- Date
- Thread