Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: 860289@bugs.debian.org
Subject: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 24 Apr 2017 06:37:58 +0200
Message-id: <[🔎] 20170424043758.GB10180@lorien.valinor.li>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 860289@bugs.debian.org
In-reply-to: <[🔎] 1492976909.32026.33.camel@adam-barratt.org.uk>
References: <[🔎] 149215181928.30587.3576443691804770964.reportbug@lorien.valinor.li> <[🔎] 1492976909.32026.33.camel@adam-barratt.org.uk>

Hi,

On Sun, Apr 23, 2017 at 08:48:29PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Fri, 2017-04-14 at 08:36 +0200, Salvatore Bonaccorso wrote:
> > Given the next jessie point release is approaching I would like to
> > propose a fix for CVE-2017-5029, #858546 via the upcoming point
> > release.
> > 
> > Attached is the full debdiff.
> > 
> > The debian/changelog reads as
> > 
> > +libxslt (1.1.28-2+deb8u3) jessie; urgency=medium
> > +
> > +  * Non-maintainer upload.
> > +  * Check for integer overflow in xsltAddTextString (CVE-2017-5029)
> > +    (Closes: #858546)
> 
> Please go ahead, thanks.

Thank you, uploaded.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#861039: unblock: jd/1:2.8.9-150226-5+b1
Next by Date: Bug#861054: unblock rss2email/1:3.9-2.1
Previous by thread: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
Next by thread: Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3
Index(es):
- Date
- Thread