Oval Definition: oval:org.opensuse.security:def:56301
Revision Date: 2020-12-01
Version: 1
Title: Security update for libxslt (Moderate)
Description:

This update for libxslt fixes the following issues:

- CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page (bsc#1035905).

- CVE-2016-4738: Fix heap overread in xsltFormatNumberConversion: An empty decimal-separator could cause a heap overread. This can be exploited to leak a couple of bytes after the buffer that holds the pattern string (bsc#1005591).

- CVE-2015-9019: Properly initialize random generator (bsc#934119).

- CVE-2015-7995: Vulnerability in function xsltStylePreCompute in preproc.c could cause a type confusion leading to DoS (bsc#952474).


Family: unix
Class: patch
Status:
Reference(s):
1005591
1024051
1035905
1038690
1039357
1045315
1069708
1071471
1081557
1131390
877642
901488
907514
910258
918984
923967
932267
934119
944463
944697
945167
947165
949138
949549
950367
950703
950705
950706
952474
986858
CVE-2006-4197
CVE-2009-0186
CVE-2010-0624
CVE-2010-2891
CVE-2011-0707
CVE-2011-1006
CVE-2011-1022
CVE-2011-2696
CVE-2012-6706
CVE-2013-4509
CVE-2014-0222
CVE-2014-9112
CVE-2014-9496
CVE-2014-9756
CVE-2015-4037
CVE-2015-5239
CVE-2015-6815
CVE-2015-7311
CVE-2015-7546
CVE-2015-7805
CVE-2015-7835
CVE-2015-7969
CVE-2015-7971
CVE-2015-7995
CVE-2015-8075
CVE-2015-9019
CVE-2016-4738
CVE-2017-1000366
CVE-2017-15868
CVE-2017-16939
CVE-2017-18190
CVE-2017-5029
CVE-2017-5838
CVE-2018-14734
SUSE-SU-2015:1894-1
SUSE-SU-2017:0967-1
SUSE-SU-2017:1313-1
SUSE-SU-2017:1614-1
SUSE-SU-2017:1745-1
SUSE-SU-2018:0238-1
SUSE-SU-2018:0604-1
SUSE-SU-2019:1422-1
Platform(s):
openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libIlmImf-2_2-23-2.2.1-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-75.0.3770.80-lp151.2.6 is installed
  • OR chromium-75.0.3770.80-lp151.2.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • xen-4.4.3_02-26 is installed
  • OR xen-doc-html-4.4.3_02-26 is installed
  • OR xen-kmp-default-4.4.3_02_3.0.101_65-26 is installed
  • OR xen-kmp-pae-4.4.3_02_3.0.101_65-26 is installed
  • OR xen-libs-4.4.3_02-26 is installed
  • OR xen-libs-32bit-4.4.3_02-26 is installed
  • OR xen-tools-4.4.3_02-26 is installed
  • OR xen-tools-domU-4.4.3_02-26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libxslt-1.1.28-16 is installed
  • OR libxslt-tools-1.1.28-16 is installed
  • OR libxslt1-1.1.28-16 is installed
  • OR libxslt1-32bit-1.1.28-16 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • ibus-chewing-1.4.10.1-2 is installed
  • OR ibus-pinyin-1.5.0-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND unrar-5.0.14-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • cpio-2.11-29 is installed
  • OR cpio-lang-2.11-29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • python-cupshelpers-1.5.7-7 is installed
  • OR system-config-printer-1.5.7-7 is installed
  • OR system-config-printer-common-1.5.7-7 is installed
  • OR system-config-printer-common-lang-1.5.7-7 is installed
  • OR system-config-printer-dbus-service-1.5.7-7 is installed
  • OR udev-configure-printer-1.5.7-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_nss-1.0.14-19.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND crowbar-openstack-3.0+git.1456169766.1e60d19-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20180703-13.25 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • tomcat-8.0.53-29.22 is installed
  • OR tomcat-admin-webapps-8.0.53-29.22 is installed
  • OR tomcat-docs-webapp-8.0.53-29.22 is installed
  • OR tomcat-el-3_0-api-8.0.53-29.22 is installed
  • OR tomcat-javadoc-8.0.53-29.22 is installed
  • OR tomcat-jsp-2_3-api-8.0.53-29.22 is installed
  • OR tomcat-lib-8.0.53-29.22 is installed
  • OR tomcat-servlet-3_1-api-8.0.53-29.22 is installed
  • OR tomcat-webapps-8.0.53-29.22 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-actionview-4_2-4.2.9-9.6 is installed
  • OR rubygem-actionview-4_2-4.2.9-9.6 is installed