Oval Definition:oval:com.redhat.rhsa:def:20080287
Revision Date:2008-05-21Version:635
Title:RHSA-2008:0287: libxslt security update (Important)
Description:libxslt is a C library, based on libxml, for parsing of XML files into other textual formats (eg HTML, plain text and other XML representations of the underlying data). It uses the standard XSLT stylesheet transformation mechanism and, being written in plain ANSI C, is designed to be simple to incorporate into other applications

  • Anthony de Almeida Lopes reported the libxslt library did not properly process long "transformation match" conditions in the XSL stylesheet files. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute and arbitrary code with the privileges of the application using libxslt library to perform XSL transformations. (CVE-2008-1767)

    All users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2008-1767
    RHSA-2008:0287
    RHSA-2008:0287-01
    RHSA-2008:0287-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • libxslt-devel is earlier than 0:1.0.33-6
  • AND libxslt-devel is signed with Red Hat master key
  • libxslt is earlier than 0:1.0.33-6
  • AND libxslt is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libxslt is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt is signed with Red Hat master key
  • libxslt-python is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt-python is signed with Red Hat master key
  • libxslt-devel is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • libxslt-python is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt-python is signed with Red Hat redhatrelease key
  • libxslt is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt is signed with Red Hat redhatrelease key
  • libxslt-devel is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt-devel is signed with Red Hat redhatrelease key
  • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libxslt is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt is signed with Red Hat redhatrelease2 key
  • libxslt-devel is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt-devel is signed with Red Hat redhatrelease2 key
  • libxslt-python is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt-python is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • libxslt is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt is signed with Red Hat redhatrelease2 key
  • libxslt-devel is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt-devel is signed with Red Hat redhatrelease2 key
  • libxslt-python is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt-python is signed with Red Hat redhatrelease2 key
  • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • libxslt is earlier than 0:1.0.33-6
  • AND libxslt is signed with Red Hat master key
  • libxslt-devel is earlier than 0:1.0.33-6
  • AND libxslt-devel is signed with Red Hat master key
  • libxslt-python is earlier than 0:1.0.33-6
  • AND libxslt-python is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • libxslt is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt is signed with Red Hat master key
  • libxslt-devel is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt-devel is signed with Red Hat master key
  • libxslt-python is earlier than 0:1.1.11-1.el4_6.1
  • AND libxslt-python is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • libxslt is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt is signed with Red Hat redhatrelease key
  • libxslt-devel is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt-devel is signed with Red Hat redhatrelease key
  • libxslt-python is earlier than 0:1.1.17-2.el5_1.1
  • AND libxslt-python is signed with Red Hat redhatrelease key
  • BACK