Description
Security update for libxslt
This update for libxslt fixes the following issues:
Security issues fixed:
- CVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).
- CVE-2019-13117: Fixed an uninitialized read that allowed an attacker to discern whether a byte on the stack contains certain special characters (bsc#1140095).
- CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure (bsc#1154609).
This update was imported from the SUSE:SLE-15:Update update project.
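A quick way to confirm that an installed libxslt package carries the fixes listed above is to look for the three CVE identifiers in the package changelog, which SUSE maintains per fix entry. The script below is an added example and is not part of the advisory or of the openSUSE project; the package name libxslt1, the use of `rpm -q --changelog`, and the sample changelog text are assumptions or constructed data, not taken from this page.

```sh
#!/bin/sh
# Added example (not from the advisory): report which of the CVEs fixed by
# openSUSE-SU-2020:0731-1 are NOT referenced in a package changelog.

# The three CVEs listed in the advisory above.
CVES="CVE-2019-13117 CVE-2019-13118 CVE-2019-18197"

# Read changelog text on stdin; print one line per CVE that is not mentioned.
# An empty result means every listed CVE appears in the changelog.
missing_cves() {
    changelog=$(cat)
    for cve in $CVES; do
        printf '%s\n' "$changelog" | grep -q -- "$cve" || printf '%s\n' "$cve"
    done
}

# Live check on an openSUSE host. The package name libxslt1 is an assumption;
# adjust it if the library is packaged under a different name on your system.
check_installed() {
    rpm -q --changelog libxslt1 | missing_cves
}

# Constructed sample changelog resembling a package that predates this update:
# only the first CVE is mentioned, so the other two should be reported missing.
SAMPLE_OLD='- Fix CVE-2019-13117 (bsc#1140095)'

# Run with --demo to see the check applied to the constructed sample.
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_OLD" | missing_cves
fi
```

Running the script with `--demo` prints `CVE-2019-13118` and `CVE-2019-18197`, the two identifiers absent from the constructed sample; on a real host, call `check_installed` and treat any printed CVE as a sign that the update has not been applied to that package.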
Package list
openSUSE Leap 15.1
References
- E-Mail link for openSUSE-SU-2020:0731-1
- SUSE Security Ratings
- SUSE Bug 1140095
- SUSE Bug 1140101
- SUSE Bug 1154609
- SUSE CVE CVE-2019-13117 page
- SUSE CVE CVE-2019-13118 page
- SUSE CVE CVE-2019-18197 page
Description
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to an uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
Affected products
References
- CVE-2019-13117
- SUSE Bug 1140095
- SUSE Bug 1157028
- SUSE Bug 1160968
Description
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
Affected products
References
- CVE-2019-13118
- SUSE Bug 1140101
- SUSE Bug 1157028
- SUSE Bug 1160968
Description
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
Affected products
References
- CVE-2019-18197
- SUSE Bug 1154609
- SUSE Bug 1157028
- SUSE Bug 1162833
- SUSE Bug 1169511
- SUSE Bug 1190108