Synopsis: Moderate: libxslt security update
Advisory ID: SLSA-2020:4005-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-11068
—
Security Fix(es):
* libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by
crafted URL (CVE-2019-11068)
* libxslt: use after free in xsltCopyText in transform.c could lead to
information disclosure (CVE-2019-18197)
—
SL7
x86_64
libxslt-devel-1.1.28-6.el7.x86_64.rpm
libxslt-1.1.28-6.el7.i686.rpm
libxslt-devel-1.1.28-6.el7.i686.rpm
libxslt-1.1.28-6.el7.x86_64.rpm
libxslt-debuginfo-1.1.28-6.el7.i686.rpm
libxslt-debuginfo-1.1.28-6.el7.x86_64.rpm
libxslt-python-1.1.28-6.el7.x86_64.rpm
– Scientific Linux Development Team
