blob: 6c53293b7e797b1641b8707cd3b53cb44a8a6a81 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200808-06">
<title>libxslt: Execution of arbitrary code</title>
libxslt is affected by a heap-based buffer overflow, possibly leading to
the execution of arbitrary code.
<product type="ebuild">libxslt</product>
<announced>August 06, 2008</announced>
<revised>August 06, 2008: 01</revised>
<package name="dev-libs/libxslt" auto="yes" arch="*">
<unaffected range="ge">1.1.24-r1</unaffected>
<unaffected range="lt">1.1.8</unaffected>
<vulnerable range="lt">1.1.24-r1</vulnerable>
libxslt is the XSLT C library developed for the GNOME project. XSLT is
an XML language to define transformations for XML.
Chris Evans (Google Security) reported that the libexslt library that
is part of libxslt is affected by a heap-based buffer overflow in the
RC4 encryption/decryption functions.
<impact type="normal">
A remote attacker could entice a user to process an XML file using a
specially crafted XSLT stylesheet in an application linked against
libxslt, possibly leading to the execution of arbitrary code with the
privileges of the user running the application.
There is no known workaround at this time.
All libxslt users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-libs/libxslt-1.1.24-r1&quot;</code>
<uri link="">CVE-2008-2935</uri>
<metadata tag="requester" timestamp="Thu, 31 Jul 2008 23:42:58 +0000">
<metadata tag="submitter" timestamp="Fri, 01 Aug 2008 23:18:29 +0000">
<metadata tag="bugReady" timestamp="Fri, 01 Aug 2008 23:18:48 +0000">