You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libxslt

Sigurnosni nedostatak programske biblioteke libxslt

by Marina Dimic Vugec - 0

==========================================================================
Ubuntu Security Notice USN-3947-1
April 15, 2019

libxslt vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Libxslt could be made to expose sensitive information if it received
a specially crafted file.

Software Description:
– libxslt: XSLT processing library

Details:

It was discovered that Libxslt incorrectly handled certain documents.
An attacker could possibly use this issue to access sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
libxslt1.1                      1.1.32-2ubuntu0.1

Ubuntu 18.04 LTS:
libxslt1.1                      1.1.29-5ubuntu0.1

Ubuntu 16.04 LTS:
libxslt1.1                      1.1.28-2.1ubuntu0.2

Ubuntu 14.04 LTS:
libxslt1.1                      1.1.28-2ubuntu0.2

In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3947-1
CVE-2019-11068

Package Information:
https://launchpad.net/ubuntu/+source/libxslt/1.1.32-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libxslt/1.1.29-5ubuntu0.1
https://launchpad.net/ubuntu/+source/libxslt/1.1.28-2.1ubuntu0.2
https://launchpad.net/ubuntu/+source/libxslt/1.1.28-2ubuntu0.2—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJctNQAAAoJEEW851uECx9p4K4P/jeusIUWc/VRxdhr0TpGdjQA
Ud5jeKW3V/wUHnlGp09TkpnVt2+FLCV0eaiaSoxQJrDc/TQYOsPoSYae4Y4U6qxy
VGss7ZuXMVci+dIyCsrBNzj2w6XLPgUU0RCpq+UWT0eeD5O9we6U9sRPoNkeEs9E
feInXsnIo/qAIt1v705XXOewUwhPcszottp1MJc1KnQ4W7Kmpg6UFd9GvlOJXbZN
RPlobblrvzgZucwh9YFHt7eZcK5NYzclzuG9XkgJv34LR1mdVvbPSsdvm792KWjH
eXp5bwsuxnvwjgspFzJsxLN5q6MVewslHoqTWiBO3voP+ZcyM8+I1+63sth5tAv5
Kzoc6hnoODg9xB8eHqz37TkuTOePkUbeRPXXO2A1Pjy+OtfDUOVdm23YJlxBnLf6
Cpz0cPjfFKByEgfpBXWRXnUHz6kn7s7fZOS/E2h1yaRkmwZfy71IejY4I1Mrj+WM
g+TsXbIdqOYBr9UVWhgY46xkc2kKOtk2e2cKSDjqkHPs7qCRLkKFCtw0pBV9TAPS
BjfVG+67Ddy0eOnYKDYKK2htLAnmD/iCBOX97BcBX8Zxe79su/7BBqQH1u6iTeXs
wSpLXYYOGmmqz/ByWN4uMrV4+y25stwl8K0mWvY6rNwxWJTLY7DobUm4nWlDpZaa
VTxb7eC//xKUGsLIxGc8
=nKov
—–END PGP SIGNATURE—–

 

==========================================================================
Ubuntu Security Notice USN-3947-2
April 15, 2019

libxslt vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Libxslt could be made to expose sensitive information if it
received a specially crafted file.

Software Description:
- libxslt: XSLT processing library

Details:

USN-3947-1 fixed a vulnerability in Libxslt. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that Libxslt incorrectly handled certain documents.
 An attacker could possibly use this issue to access sensitive
 information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libxslt1.1                      1.1.26-8ubuntu1.5

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3947-2
  https://usn.ubuntu.com/usn/usn-3947-1
  CVE-2019-11068-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCAAGBQJctNuFAAoJEEW851uECx9pLZ8P/3tyRiZTOWn0zyNgWsW53H7n
y/HsiA664PM4A4NuAAfhcowvgQs3QgpWs4fWI0sBu5UnaiTglAAl5FuNMu5AXycx
5d6Rbit5lLYiXSKS/kZtR4oLsBE0X2TQ0XdmCbIDPqJ8exwxX8SKkA01zL6jKvdp
WjwI1E05wLoQp7LgNnKwhnkjWRAUNhvfFYC4zvXEXA0ibP2z1X35ofZebi97KQbT
2N9NlU92bw88qx1zrsdZ/VfvpjxYwEu8xtoWWoQaDou6TBLJdu4lFGLdzDjuZV2Y
j/qPPGEkzvSEbywAEuMOZh2oThfAARAGDnk6qyol2CsfC437tPXrkOWsfgJ25Im2
+Lv1LoQ8qxZUQeQfhDrkIO9oDfS1PSIOrkNv6+8/iqmyBa9tf2AABO2qbTmsg61U
KI472WQ89Bl3W8Lc9CF1tpXRnuR816hGZUuFclBzjIa9F3dwYhaX9FCEee7Rnb7h
wPmmEypYIxccZupONVw4WqwK0aImYEJBOo2FrlIOH63Xp9GUlbtlJ6iLFdO7VAtG
agz9VeSqyDUP6aStod1hnjie+5DE1KWUNtBYzbHCRvnVQn7K2auYXbJ1msPWX7hK
5SfyuNSPnlhMy8OxTsJrkENbLPVgoJGsOMTS+wBqhn+PLfWFTqISNILV+X9TAuNj
Kyeniff5XGPPk/xX7hUJ
=ooUI
-----END PGP SIGNATURE-----
-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libTIFF

Otkriven je sigurnosni nedostatak programske biblioteke libTIFF za operacijski sustav Gentoo. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close