Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
Control: tags -1 + confirmed
On Fri, 2017-04-14 at 08:36 +0200, Salvatore Bonaccorso wrote:
> Given the next jessie point release is approaching I would like to
> propose a fix for CVE-2017-5029, #858546 via the upcoming point
> release.
>
> Attached is the full debdiff.
>
> The debian/changelog reads as
>
> +libxslt (1.1.28-2+deb8u3) jessie; urgency=medium
> +
> + * Non-maintainer upload.
> + * Check for integer overflow in xsltAddTextString (CVE-2017-5029)
> + (Closes: #858546)
Please go ahead, thanks.
Regards,
Adam
Reply to: