Your message dated Mon, 17 Mar 2025 14:53:21 +0000
with message-id <e1tubqd-00gzug...@fasolo.debian.org>
and subject line Bug#1100566: fixed in libxslt 1.1.35-1.2
has caused the Debian Bug report #1100566,
regarding libxslt: CVE-2025-24855: Use-after-free due to xsltEvalXPathStringNs leaking xpathCtxt->node
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1100566: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libxslt
Version: 1.1.35-1
Severity: grave
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerability was published for libxslt.

CVE-2025-24855[0]:
| numbers.c in libxslt before 1.1.43 has a use-after-free because, in
| nested XPath evaluations, an XPath context node can be modified but
| never restored. This is related to xsltNumberFormatGetValue,
| xsltEvalXPathPredicate, xsltEvalXPathStringNs, and
| xsltComputeSortResultInternal.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-24855
    https://www.cve.org/CVERecord?id=CVE-2025-24855
[1] https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
[2] https://gitlab.gnome.org/GNOME/libxslt/-/commit/c7c7f1f78dd202a053996fcefe57eb994aec8ef2

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
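The CVE text above describes the defect as a context node that a nested XPath evaluation modifies but never restores. The following is an added C illustration of that pattern next to the save/restore discipline that prevents it; it is not libxslt code, and `Node`, `XPathCtxt`, `nested_eval` and the other names are constructed stand-ins for `xpathCtxt->node` and the evaluation helpers named in the report.

```c
#include <string.h>

/* Constructed stand-ins for the XPath context and node types; these are not
 * libxml2/libxslt structures, only a model of the pattern described above. */
typedef struct Node { const char *name; } Node;
typedef struct XPathCtxt { Node *node; } XPathCtxt;

/* Constructed nested evaluation: like a nested XPath evaluation it re-points
 * the context at a temporary node while it works, and does not undo that. */
static size_t nested_eval(XPathCtxt *ctxt, Node *tmp)
{
    ctxt->node = tmp;
    return strlen(ctxt->node->name);
}

/* Leaking pattern: after the nested evaluation the caller's ctxt->node still
 * points at the temporary. In the real bug that temporary is released once
 * the nested evaluation ends, so the caller later dereferences freed memory. */
size_t eval_leaking(XPathCtxt *ctxt, Node *tmp)
{
    return nested_eval(ctxt, tmp);
}

/* Restoring pattern: save the caller's node first and restore it afterwards,
 * so the context never keeps pointing at a temporary that may go away. */
size_t eval_restoring(XPathCtxt *ctxt, Node *tmp)
{
    Node *saved = ctxt->node;
    size_t n = nested_eval(ctxt, tmp);
    ctxt->node = saved;
    return n;
}

/* Runs one pattern on a constructed context and reports whether the caller's
 * context node is intact afterwards (1) or was leaked to the temporary (0). */
int context_survives(size_t (*eval)(XPathCtxt *, Node *))
{
    Node root = { "root" };
    Node tmp = { "temporary" };
    XPathCtxt ctxt = { &root };
    (void)eval(&ctxt, &tmp);
    return ctxt.node == &root;
}
```

Checking `context_survives` for each variant is the kind of regression test that catches this class of bug without needing a crash: the restoring variant returns 1, the leaking variant 0.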
--- Begin Message ---
Source: libxslt
Source-Version: 1.1.35-1.2
Done: Salvatore Bonaccorso <car...@debian.org>

We believe that the bug you reported is fixed in the latest version of
libxslt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1100...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated libxslt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


Format: 1.8
Date: Sat, 15 Mar 2025 14:03:26 +0100
Source: libxslt
Architecture: source
Version: 1.1.35-1.2
Distribution: unstable
Urgency: medium
Maintainer: Debian XML/SGML Group <debian-xml-sgml-p...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 1100565 1100566
Changes:
 libxslt (1.1.35-1.2) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix UAF related to excluded namespaces (CVE-2024-55549) (Closes: #1100565)
   * Fix use-after-free of XPath context node (CVE-2025-24855)
     (Closes: #1100566)
Checksums-Sha1: 
 27bd74c40c19c8bdd4c9e9c245d73dad61f3dca6 2319 libxslt_1.1.35-1.2.dsc
 12fe0d805d3487cd9a8ed45d501f977e4b025831 23644 libxslt_1.1.35-1.2.debian.tar.xz
Checksums-Sha256: 
 f65d6360b13fa59fd2f283296ae83e86640d5270cf59cbbe7de17761520577a9 2319 libxslt_1.1.35-1.2.dsc
 6f56561d6f8d129ca6c72ada897f59684a8ea1a8acaa6835c8152e44b8151000 23644 libxslt_1.1.35-1.2.debian.tar.xz
Files: 
 a0b5548edabe3fcd8a16273a106b73d2 2319 text optional libxslt_1.1.35-1.2.dsc
 35cb7f96a16f23f8a4b7005f26ac296c 23644 text optional libxslt_1.1.35-1.2.debian.tar.xz


--- End Message ---